Vue.js Security Scan Report

Summary

Total Files Scanned: 181

Critical Severity: 333

High Severity: 4777

Medium Severity: 3302

Low Severity: 284

Total Vulnerabilities: 8696

Vulnerability Classifications

XSS via v-html: 94

Critical: 5

High: 89

Template Injection: 728

High: 688

Medium: 40

Angular XSS Bypass: 321

Critical: 28

High: 293

DOM-based XSS (Events): 51

Critical: 3

High: 48

Hardcoded API Key: 17

High: 17

Vue Router Meta Security: 259

High: 50

Medium: 209

Request Header Injection: 46

High: 46

DOM-based XSS (Event Handler): 12

Critical: 3

High: 9

SSRF (Server-Side Request Forgery) Injection: 56

Critical: 56

Insecure HTTP Method: 214

High: 6

Medium: 208

Missing Network Retry: 20

Low: 20

Missing Encryption: 129

High: 129

API Rate Limiting Bypass: 52

High: 52

API Response Data Leakage: 529

Critical: 1

High: 528

API Log Security: 415

Critical: 1

Medium: 414

API Timeout Handling: 7

Low: 7

Third-Party API Security: 27

Medium: 27

Build Process Security: 131

Medium: 131

Cloud Function Security: 205

High: 205

Cloud Identity Security: 14

Critical: 14

Cloud Monitoring Security: 16

Medium: 16

Cloud Secret Management: 32

Critical: 32

Cloud Deployment Security: 31

Medium: 31

Container Orchestration Security: 7

Medium: 7

CI/CD Secrets Management: 25

Critical: 25

Automated Deployment Security: 79

Medium: 79

Unknown: 1132

High: 334

Medium: 798

DOM-based XSS (Location): 143

Critical: 1

High: 142

DOM-based XSS (Write): 3

Critical: 2

High: 1

DOM-based XSS (HTML): 108

Critical: 3

High: 105

DOM-based XSS (Eval): 73

Critical: 4

High: 69

Vue 3 Teleport XSS: 8

High: 1

Medium: 7

XSS via Route Parameters: 43

High: 7

Medium: 36

Vue Filter Usage: 1

Medium: 1

Vue 3 Composition API Potential Issue: 13

Medium: 13

Vue 3 Teleport Security Issue: 3

Medium: 3

Vue Router Security Issue: 11

Medium: 11

Vue Dynamic Component Usage: 326

High: 326

Vue 3 Reactive API Security: 17

Medium: 17

Global Variable Memory Leak: 97

Medium: 97

DOM Reference Memory Leak: 86

Medium: 86

SSR Template Injection: 454

Critical: 1

High: 453

XML Injection: 36

High: 36

Path Traversal: 224

Critical: 1

High: 223

File Inclusion: 154

Critical: 1

High: 153

Vue Directive Security Issue: 1

Medium: 1

Vue Router 4 Security Issue: 49

Medium: 49

Vue Router Navigation Guard Security: 4

High: 4

State Management Security Issue: 15

Medium: 15

Pinia State Management Security: 4

Medium: 4

Vue v-for Security Issue: 3

Medium: 3

Vue Slot Security Issue: 4

Medium: 4

LDAP Injection: 4

High: 4

Insecure Key Management: 26

High: 26

Unsafe Dynamic Import: 18

Medium: 18

Unsafe Route Parameter Usage: 5

High: 5

Potential Open Redirect: 1

Medium: 1

Deployment Process Security: 13

Medium: 13

Large Object Memory Leak: 65

High: 2

Medium: 63

Missing Code Signing: 43

Medium: 43

Build Environment Security: 26

Medium: 26

Code Quality and Security Scanning: 96

Low: 96

DevOps Security Gates: 64

Medium: 64

Hardcoded Password: 37

Critical: 1

High: 36

Insecure Password Storage: 19

Critical: 1

High: 18

Missing HTTPS Enforcement: 32

Medium: 32

Missing Input Pattern Validation: 15

Low: 15

Missing Input Length Validation: 7

Low: 7

Unsafe eval() Usage: 8

High: 8

DOM-based XSS (Storage): 32

High: 1

Medium: 31

Missing CSRF Token: 108

High: 108

Closure Memory Leak: 17

Medium: 17

Privilege Escalation: 5

High: 5

JSON Injection: 82

High: 2

Medium: 80

Missing Network Timeout: 12

Low: 12

Missing Network Headers: 5

Low: 5

Cloud Storage Security: 12

High: 12

Container Image Security: 14

High: 14

Container Running as Root: 14

High: 14

Container Health Check: 13

Low: 13

DevOps Permissions Management: 6

High: 6

Business Flow Bypass: 18

High: 18

Business Data Validation: 5

High: 5

Hardcoded Secret: 8

High: 8

Circular Reference: 7

Medium: 7

Business Rule Violation: 13

Medium: 13

Business Data Leakage: 29

High: 29

Security Logging: 32

Medium: 32

Vue 3.5+ defineModel Usage: 2

Medium: 2

Vue 3.5+ defineAsyncComponent Usage: 2

Medium: 2

Vue 3.5+ v-memo Directive: 1

Low: 1

Vue 3.5+ defineOptions Usage: 1

Low: 1

Network Rate Limiting: 19

Low: 19

Cloud Resource Security: 11

Medium: 11

Weak Random Number Generation: 56

Medium: 56

Insecure Random Generation: 19

Medium: 19

API Input Validation: 3

Critical: 1

High: 2

API Error Handling Leakage: 29

Medium: 29

React JSX XSS: 35

High: 35

Event Listener Memory Leak: 49

Medium: 49

Interval/Timeout Without Cleanup: 27

Medium: 27

XXE (XML External Entity) Injection: 60

Critical: 60

Mobile App Third-Party Libraries: 10

Medium: 10

WebAssembly Code Injection: 6

Critical: 6

WebAssembly Communication Security: 6

Medium: 6

XPath Injection: 2

High: 2

Network DNS Security: 10

Medium: 10

Web Worker Memory Leak: 20

Medium: 20

PostMessage XSS: 21

High: 21

Web Worker XSS: 12

Medium: 12

DOM Clobbering: 6

High: 6

WebSocket Security: 13

Medium: 13

WebSocket Authentication: 12

High: 12

Unsafe JSON.parse() Usage: 6

Medium: 6

Cloud Database Security: 16

High: 16

Missing Network Error Handling: 3

Low: 3

Hardcoded Token: 25

High: 25

Weak Encryption: 10

High: 10

Insufficient Key Length: 7

High: 7

XSS via dangerouslySetInnerHTML: 13

High: 13

Vue 3 Suspense XSS: 5

Medium: 5

Vue Component Event Listener Without Cleanup: 5

Medium: 5

Vue Watcher Without Teardown: 1

Medium: 1

Vulnerable Vue 2 Version: 3

High: 3

Insecure Form Submission: 19

Medium: 19

DOM-based XSS (Script Source): 50

High: 50

Location Header Injection: 1

High: 1

SVG XSS: 4

High: 4

API Pagination Security: 26

Low: 26

SSR Injection: 26

High: 26

Vue Plugin Security: 43

High: 3

Medium: 40

Cache Control Bypass: 28

Medium: 28

DOM-based XSS (Iframe): 4

High: 4

DOM-based XSS (Location Hash): 2

High: 2

Cloud Service Account Security: 4

High: 4

Business Logic Backdoor: 19

Critical: 19

Insecure File Upload: 30

High: 30

API Authentication Bypass: 17

Critical: 17

JWT Algorithm Confusion: 13

High: 13

Session Fixation: 2

High: 2

Missing Account Lockout: 8

High: 3

Medium: 5

Missing Two-Factor Authentication: 8

High: 4

Medium: 4

CSP Bypass: 27

High: 27

Insecure File Permissions: 43

Medium: 43

Insecure File Reading: 50

Medium: 50

Hardcoded Client Secret: 1

High: 1

Axios Without CSRF: 1

Medium: 1

Response Header Injection: 7

High: 7

Insecure Certificate Verification: 2

High: 2

Missing Input Type Validation: 6

Low: 6

Password Complexity Requirements: 1

Medium: 1

Hardcoded Private Key: 1

High: 1

Vue SSR Security Issue: 10

High: 10

Hydration Mismatch: 10

Medium: 10

Insecure File Deletion: 8

Medium: 8

Vulnerable Axios Version: 2

High: 2

Vulnerable Webpack Version: 3

High: 3

Supply Chain Attack Protection: 9

Critical: 9

Transitive Dependency Vulnerability: 3

High: 3

Hardcoded Auth Token: 1

High: 1

CSRF Token in Request Body: 3

Low: 3

SQL Injection via Sequelize: 5

High: 5

Command Injection: 38

Critical: 38

Generic Business Logic Vulnerability: 9

Medium: 9

Mobile App Sensitive Information Leakage: 17

High: 17

WebAssembly Validation: 2

High: 2

Console Log in Production: 7

Low: 7

Business Logic Concurrency Issue: 2

Medium: 2

Transaction Management Issue: 5

High: 5

Mobile App Permissions: 7

Medium: 7

Mobile App Network Communication: 6

High: 6

Mobile App Code Obfuscation: 6

Low: 6

Cloud Network Security: 2

Medium: 2

API Cache Security: 7

Medium: 7

Dependency License Security: 27

Low: 27

HTTP/2 Security: 1

Medium: 1

WebSocket Compression: 1

Low: 1

Network Proxy Security: 1

Medium: 1

NoSQL Injection: 9

High: 9

GraphQL Injection: 1

High: 1

CSV Injection: 1

Medium: 1

Security Header Override: 17

High: 17

CSS Expression XSS: 8

High: 8

OAuth Flow Vulnerability: 1

High: 1

Business Logic Resource Exhaustion: 5

Medium: 5

Missing Input Validation: 3

Medium: 3

Source Code Integrity: 16

High: 16

Security Auditing: 5

Medium: 5

Security Response Automation: 5

Low: 5

Mobile App Data Storage: 2

Medium: 2

Mobile App Update Mechanism: 7

Medium: 7

WebAssembly Permissions: 1

Medium: 1

Mobile App Certificate Pinning: 4

Medium: 4

Mobile App Anti-Debugging: 4

Low: 4

Mobile App Local Storage: 4

Medium: 4

WebAssembly Integrity: 1

Medium: 1

WebAssembly Performance Security: 1

Medium: 1

Vulnerabilities Found

XSS via v-html - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 14

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 20

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 14

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 17

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 27

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

DOM-based XSS (Event Handler) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 17

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 26

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 26

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 25

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 25

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Timeout Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 26

Description: Potential API timeout handling issue

Recommendation: Implement proper timeout handling for API requests to prevent DoS attacks.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 7

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 16

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 6

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 25

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Container Orchestration Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential container orchestration security issue

Recommendation: Secure Kubernetes clusters. Implement RBAC. Use secrets management. Apply network policies.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 25

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 6

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 8

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 26

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vulnerable-component.vue

Line: 28

Description: Property Authorization appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

XSS via v-html - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 4

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 10

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 13

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (Location) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 119

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Write) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 123

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 60

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 86

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 39

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 108

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue 3 Teleport XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 92

Description: Potential XSS vulnerability via Vue 3 Teleport component

Recommendation: Ensure Teleport targets are not controlled by user input. Validate and sanitize all Teleport-related data.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 4

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 7

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

XSS via Route Parameters - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 45

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 63

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Vue Filter Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 28

Description: Vue filter defined, review for potential security issues

Recommendation: Ensure Vue filters properly sanitize and validate input to prevent XSS vulnerabilities.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 68

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 114

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 72

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 117

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Teleport Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 92

Description: Vue 3 Teleport usage with potential security concern

Recommendation: Ensure Teleport targets are not controlled by user input to prevent DOM manipulation vulnerabilities.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 45

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 63

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 59

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 72

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 71

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 77

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 119

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 46

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 85

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 59

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM-based XSS (Event Handler) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 7

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 43

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 45

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 63

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 85

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 92

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 59

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 43

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 45

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 63

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 85

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue23-security-issues.vue

Line: 43

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 10

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 18

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (HTML) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 82

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 4

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 7

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 13

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

XSS via Route Parameters - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 44

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Vue Directive Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 4

Description: Vue directive with potential security issue

Recommendation: Ensure Vue directives do not bind untrusted content without proper sanitization.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 56

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 64

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 44

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 74

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 108

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 106

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 109

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router Navigation Guard Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 56

Description: Vue Router navigation guard usage with potential security concern

Recommendation: Ensure navigation guards properly validate route transitions and user permissions to prevent unauthorized access.

Vue Router Navigation Guard Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 114

Description: Vue Router navigation guard usage with potential security concern

Recommendation: Ensure navigation guards properly validate route transitions and user permissions to prevent unauthorized access.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 53

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 32

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 26

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 90

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

Pinia State Management Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 26

Description: Pinia state management usage with potential security concern

Recommendation: Review Pinia store usage to ensure proper validation of data and avoid storing sensitive information without encryption.

Pinia State Management Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 90

Description: Pinia state management usage with potential security concern

Recommendation: Review Pinia store usage to ensure proper validation of data and avoid storing sensitive information without encryption.

Vue v-for Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 10

Description: Vue v-for with potential security concern

Recommendation: Ensure iteration sources are validated and sanitized to prevent injection attacks.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 50

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Slot Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 17

Description: Vue slot usage with potential security concern

Recommendation: Be cautious with slot content from untrusted sources.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 44

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 116

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

LDAP Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 80

Description: Potential LDAP injection

Recommendation: Use proper LDAP escaping libraries. Avoid string concatenation.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 126

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 66

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 126

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 44

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 116

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 44

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 116

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 10

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 66

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 113

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 126

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Route Parameter Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 44

Description: Route parameter used unsafely

Recommendation: Sanitize and validate route parameters before using them in templates or DOM manipulation.

Potential Open Redirect - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 74

Description: Potential open redirect vulnerability in router navigation

Recommendation: Validate redirect URLs against a whitelist of allowed domains/endpoints.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\additional-vue-security-issues.vue

Line: 74

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

XSS via v-html - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 5

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 5

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 29

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 35

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 29

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 35

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 20

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Container Orchestration Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential container orchestration security issue

Recommendation: Secure Kubernetes clusters. Implement RBAC. Use secrets management. Apply network policies.

Container Orchestration Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential container orchestration security issue

Recommendation: Secure Kubernetes clusters. Implement RBAC. Use secrets management. Apply network policies.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 11

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 15

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 20

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 29

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 39

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 22

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 17

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestSecurityComponent.vue

Line: 8

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

XSS via v-html - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 5

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 11

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (Eval) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 33

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 5

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 14

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 24

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 25

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 24

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 8

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 24

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 26

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 8

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 24

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 8

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Length Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 8

Description: Input without length validation

Recommendation: Add length validation for inputs to prevent excessive data submission.

Unsafe eval() Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 33

Description: Potentially unsafe use of eval()

Recommendation: Avoid using eval() with user input. Use safer alternatives like Function() or JSON.parse().

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 11

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 25

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 8

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 24

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 25

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 8

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 11

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 24

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 25

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 25

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 8

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 24

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 25

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 26

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 11

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 25

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 23

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 8

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 11

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\test-vue-app\TestComponent.vue

Line: 24

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 22

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 23

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 34

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 35

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 2

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 6

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 7

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 8

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 9

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 10

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 12

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 13

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 21

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 24

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 25

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 26

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 27

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 28

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 33

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Storage) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 206

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 57

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 149

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 126

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

Vue v-for Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 33

Description: Vue v-for with potential security concern

Recommendation: Ensure iteration sources are validated and sanitized to prevent injection attacks.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 96

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 102

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 146

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 154

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 168

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 179

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 188

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 149

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 179

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 188

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 108

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 148

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 156

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 170

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 180

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 190

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 193

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Privilege Escalation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 24

Description: Potential privilege escalation vulnerability

Recommendation: Always verify user permissions before performing privileged operations.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 97

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 102

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 146

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 154

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 168

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 179

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 193

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\vue-quality-test.vue

Line: 206

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 11

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 2

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 10

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 23

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 38

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 102

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

Vue v-for Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 10

Description: Vue v-for with potential security concern

Recommendation: Ensure iteration sources are validated and sanitized to prevent injection attacks.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 48

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 54

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 81

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 87

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 38

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 87

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 89

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 49

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 89

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 54

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 81

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 87

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 89

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 89

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 54

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 81

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 54

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 81

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 87

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Headers - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 87

Description: Potential missing network headers

Recommendation: Add appropriate headers to network requests, such as Content-Type and Accept.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 10

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 55

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 82

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 91

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Timeout Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 54

Description: Potential API timeout handling issue

Recommendation: Implement proper timeout handling for API requests to prevent DoS attacks.

API Timeout Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 81

Description: Potential API timeout handling issue

Recommendation: Implement proper timeout handling for API requests to prevent DoS attacks.

API Timeout Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 87

Description: Potential API timeout handling issue

Recommendation: Implement proper timeout handling for API requests to prevent DoS attacks.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 63

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 48

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 10

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 23

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 23

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 23

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 10

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 22

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 106

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

DevOps Permissions Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 48

Description: Potential DevOps permissions management issue

Recommendation: Implement least privilege principle. Regularly review and rotate access credentials.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 101

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 102

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Data Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-files\simple-quality-example.vue

Line: 29

Description: Missing or inadequate business data validation

Recommendation: Implement comprehensive data validation for all business inputs. Validate data types, ranges, formats, and business rules.

XSS via v-html - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 4

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 7

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (Eval) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 38

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 2

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 4

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 13

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 10

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

XSS via Route Parameters - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 32

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 33

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 36

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 42

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 26

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 27

Description: Possible hardcoded secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 25

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 33

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Circular Reference - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 32

Description: Potential circular reference causing memory leak

Recommendation: Avoid creating circular references, especially between different objects.

Circular Reference - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 33

Description: Potential circular reference causing memory leak

Recommendation: Avoid creating circular references, especially between different objects.

DOM-based XSS (Event Handler) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 10

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 32

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 33

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 36

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 42

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 26

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 32

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 33

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 36

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 42

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 32

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 33

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 36

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 42

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 13

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 24

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 25

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 27

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 13

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 24

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 25

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\src\HomeView.vue

Line: 27

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 4

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 18

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 38

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 3

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 4

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 18

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 21

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 36

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 38

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 41

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 12

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 12

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 1

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 10

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 28

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 1

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 4

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 7

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 10

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 11

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 12

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 14

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 18

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 28

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 29

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 3

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 4

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 18

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 21

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 23

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 36

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 38

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 41

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 3

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 4

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 18

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 21

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 23

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 36

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 38

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 41

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\validate-rules.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 33

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 32

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 3

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 37

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 38

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 80

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 108

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 107

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 122

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 124

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

Pinia State Management Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 122

Description: Pinia state management usage with potential security concern

Recommendation: Review Pinia store usage to ensure proper validation of data and avoid storing sensitive information without encryption.

Pinia State Management Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 124

Description: Pinia state management usage with potential security concern

Recommendation: Review Pinia store usage to ensure proper validation of data and avoid storing sensitive information without encryption.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 37

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 38

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 80

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 88

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 83

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3.5+ defineModel Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 8

Description: Vue 3.5+ defineModel usage with potential security concern

Recommendation: Ensure defineModel values are properly validated and sanitized to prevent injection vulnerabilities.

Vue 3.5+ defineModel Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 9

Description: Vue 3.5+ defineModel usage with potential security concern

Recommendation: Ensure defineModel values are properly validated and sanitized to prevent injection vulnerabilities.

Vue 3.5+ defineAsyncComponent Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 21

Description: Vue 3.5+ defineAsyncComponent usage with potential security concern

Recommendation: Ensure async component loading is properly secured and does not expose sensitive information.

Vue 3.5+ v-memo Directive - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 32

Description: Vue 3.5+ v-memo directive usage detected

Recommendation: Review v-memo usage to ensure it does not bypass necessary security validations.

Vue 3.5+ defineOptions Usage - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 58

Description: Vue 3.5+ defineOptions usage detected

Recommendation: Review defineOptions usage to ensure security-related options are properly configured.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 84

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 9

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 80

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 22

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 84

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 111

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 30

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 141

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 3

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 84

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 103

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 122

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 3

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 84

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 103

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 122

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 3

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 84

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 103

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 122

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 111

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 6

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 30

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 57

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 59

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 78

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 105

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue35-features.js

Line: 110

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DOM-based XSS (Write) - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 7

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Hardcoded Password - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 10

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

SSR Template Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 6

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Insecure Password Storage - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 10

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 29

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 34

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 35

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 36

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 37

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 6

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 6

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 16

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 16

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 19

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Input Validation - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 6

Description: Potential API input validation issue

Recommendation: Validate all API inputs thoroughly. Use schema validation and parameter sanitization.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 47

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 22

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 24

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 28

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 29

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 34

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 35

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 36

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 37

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 38

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 41

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 44

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 46

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 47

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 10

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 13

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-scan.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 41

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 48

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 49

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 11

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 5

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 33

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 34

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 35

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 36

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 37

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 44

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 46

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 48

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 49

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 53

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 55

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 4

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 11

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 2

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 5

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 8

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 14

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 23

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 31

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 32

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 53

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 55

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 59

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 2

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 4

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 5

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 8

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 14

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 16

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 23

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 31

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-dast-scanner.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 217

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 218

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 363

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 368

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 369

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 373

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 377

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 381

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 388

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 398

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 14

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 271

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 176

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 103

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 128

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 345

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 362

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 408

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 110

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 117

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 142

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 199

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 202

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 232

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 233

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 235

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 237

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 238

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 240

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 243

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 259

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 261

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 265

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 274

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 279

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 314

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 327

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 330

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 338

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 394

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 313

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 329

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 345

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 362

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 408

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 345

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 362

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 408

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 8

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\index.js

Line: 133

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 352

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 354

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 303

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 307

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 341

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 342

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 343

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 344

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 345

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 481

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 482

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 487

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 488

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 492

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 496

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 500

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 508

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 649

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 650

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 656

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 657

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 661

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 665

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 669

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 676

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 685

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 694

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 132

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 315

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 67

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 23

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 28

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 77

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 94

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 97

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 120

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 124

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 133

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 136

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 158

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 163

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 171

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 254

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 315

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 368

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 371

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 393

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 398

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 404

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 412

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 23

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 25

Description: Accessing document property which may lead to security issues

Recommendation: Avoid accessing document directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 28

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 41

Description: Calling vscode.commands.executeCommand with potentially unsafe data

Recommendation: Avoid using vscode.commands.executeCommand with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 67

Description: Calling setTimeout with potentially unsafe data

Recommendation: Avoid using setTimeout with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 77

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 94

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 97

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 111

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 120

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 124

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 133

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 136

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 149

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 158

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 163

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 171

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 254

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 368

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 371

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 382

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 393

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 398

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 404

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 412

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 526

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 529

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 540

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 541

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 562

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 566

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\out\extension.js

Line: 574

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 13

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 19

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 1

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 2

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 4

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 5

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 6

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 27

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 18

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 19

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 4

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 5

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 6

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 4

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 5

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 6

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 4

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 5

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 6

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 6

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 11

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 15

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 5

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 6

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 9

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 11

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 17

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

WebAssembly Code Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 4

Description: Potential WebAssembly code injection vulnerability

Recommendation: Validate and sanitize all input to WebAssembly modules. Avoid dynamic code generation. Use proper isolation for WebAssembly modules.

WebAssembly Code Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 5

Description: Potential WebAssembly code injection vulnerability

Recommendation: Validate and sanitize all input to WebAssembly modules. Avoid dynamic code generation. Use proper isolation for WebAssembly modules.

WebAssembly Code Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 6

Description: Potential WebAssembly code injection vulnerability

Recommendation: Validate and sanitize all input to WebAssembly modules. Avoid dynamic code generation. Use proper isolation for WebAssembly modules.

WebAssembly Code Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 8

Description: Potential WebAssembly code injection vulnerability

Recommendation: Validate and sanitize all input to WebAssembly modules. Avoid dynamic code generation. Use proper isolation for WebAssembly modules.

WebAssembly Code Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 17

Description: Potential WebAssembly code injection vulnerability

Recommendation: Validate and sanitize all input to WebAssembly modules. Avoid dynamic code generation. Use proper isolation for WebAssembly modules.

WebAssembly Communication Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 4

Description: Potential WebAssembly communication security issue

Recommendation: Secure communication between WebAssembly and JavaScript. Validate all data passed between WebAssembly and JavaScript. Use structured cloning for complex data.

WebAssembly Communication Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 5

Description: Potential WebAssembly communication security issue

Recommendation: Secure communication between WebAssembly and JavaScript. Validate all data passed between WebAssembly and JavaScript. Use structured cloning for complex data.

WebAssembly Communication Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 6

Description: Potential WebAssembly communication security issue

Recommendation: Secure communication between WebAssembly and JavaScript. Validate all data passed between WebAssembly and JavaScript. Use structured cloning for complex data.

WebAssembly Communication Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\vite.config.example.js

Line: 8

Description: Potential WebAssembly communication security issue

Recommendation: Secure communication between WebAssembly and JavaScript. Validate all data passed between WebAssembly and JavaScript. Use structured cloning for complex data.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 118

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 367

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 372

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 373

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 377

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 381

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 385

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 392

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 402

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 19

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 177

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 118

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 248

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 349

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 366

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 412

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 138

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 139

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 141

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 143

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 144

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 146

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 149

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 165

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 167

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 171

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 180

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 185

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 198

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 214

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 271

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 274

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 309

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 328

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 331

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 342

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 398

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 308

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 330

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 349

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 366

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 412

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 349

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 366

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 412

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 8

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\index.js

Line: 205

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XPath Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 139

Description: Potential XPath injection

Recommendation: Use parameterized XPath queries. Avoid string concatenation.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 4

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 11

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 12

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 26

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 29

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 45

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 46

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 59

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 63

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 89

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 92

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 109

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 111

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 134

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 137

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 1

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 147

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 99

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 100

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 9

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 17

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 25

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 33

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 41

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 50

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 57

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 67

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 77

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 87

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 96

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 108

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 116

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 124

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 133

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 143

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 99

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 100

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 139

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 3

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 4

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 5

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 6

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 3

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 4

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 5

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 6

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 3

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 4

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xxe.js

Line: 5

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 6

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 13

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 20

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 27

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 34

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 41

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 48

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 55

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 62

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 69

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 76

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 83

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 90

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 97

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 104

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 111

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 118

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 125

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 132

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 139

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 13

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 102

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 104

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 146

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 11

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 13

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 4

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 11

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 18

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 25

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 32

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 39

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 46

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 53

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 60

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 67

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 74

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 81

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 88

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 95

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 102

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 109

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 116

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 123

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 130

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 137

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\xpath-injection.js

Line: 144

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 78

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 9

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 18

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 112

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 89

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 5

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 23

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 41

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 59

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 75

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 97

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 118

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 148

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 171

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 191

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 25

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 43

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 61

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 81

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 99

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 120

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 150

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 173

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 193

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 25

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 33

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 43

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 61

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 70

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 81

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 99

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 120

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 137

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 143

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 150

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 164

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 173

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 193

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 5

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 23

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 41

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 59

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 75

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 97

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 118

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 148

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 171

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 191

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 54

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\worker-xss.js

Line: 78

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 30

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 9

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 43

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 68

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 30

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 28

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 80

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

DOM Clobbering - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 30

Description: Potential DOM clobbering vulnerability

Recommendation: Avoid using DOM element IDs that conflict with JavaScript properties or window object properties.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 28

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 80

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 19

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 40

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 54

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 117

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 5

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 15

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 25

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 36

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 50

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 64

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 76

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 88

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 100

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 114

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 43

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 117

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 7

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 27

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 78

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 103

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 17

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 38

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 52

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 66

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 116

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 43

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 117

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Unsafe eval() Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 9

Description: Potentially unsafe use of eval()

Recommendation: Avoid using eval() with user input. Use safer alternatives like Function() or JSON.parse().

Unsafe JSON.parse() Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 28

Description: Potentially unsafe use of JSON.parse()

Recommendation: Validate and sanitize input before parsing with JSON.parse().

Unsafe JSON.parse() Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 80

Description: Potentially unsafe use of JSON.parse()

Recommendation: Validate and sanitize input before parsing with JSON.parse().

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 43

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 117

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 9

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 30

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 30

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\websocket-security.js

Line: 68

Description: Calling setInterval with potentially unsafe data

Recommendation: Avoid using setInterval with user-provided data. Consider using safer alternatives.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 49

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 38

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Clobbering - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 38

Description: Potential DOM clobbering vulnerability

Recommendation: Avoid using DOM element IDs that conflict with JavaScript properties or window object properties.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 106

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 47

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 104

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

Unsafe eval() Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 49

Description: Potentially unsafe use of eval()

Recommendation: Avoid using eval() with user input. Use safer alternatives like Function() or JSON.parse().

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 25

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 108

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 109

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 4

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 19

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 32

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 43

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 54

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 68

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 84

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 100

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 115

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 116

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 135

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 11

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 12

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 13

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 22

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 23

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 25

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 26

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 35

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 37

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 47

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 49

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 75

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 76

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 77

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 91

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 92

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 93

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 119

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 120

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 121

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 5

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 11

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 20

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 22

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 33

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webrtc-security.js

Line: 49

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 136

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 41

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 50

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 59

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 93

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 108

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 124

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 142

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 67

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 36

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 37

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 5

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 21

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 41

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 50

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 59

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 93

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 108

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 124

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 142

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 135

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 5

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 41

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 50

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 59

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 93

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 108

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 124

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 142

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 5

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 21

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 41

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 50

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 59

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 93

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 108

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 124

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 142

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Error Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 5

Description: Potential missing network error handling

Recommendation: Implement proper error handling for network requests to improve user experience.

Missing Network Error Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 21

Description: Potential missing network error handling

Recommendation: Implement proper error handling for network requests to improve user experience.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 135

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 136

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 135

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 136

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 34

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 135

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 136

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Timeout Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 5

Description: Potential API timeout handling issue

Recommendation: Implement proper timeout handling for API requests to prevent DoS attacks.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 5

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 21

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 41

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 43

Description: Calling results.instance.exports.execute with potentially unsafe data

Recommendation: Avoid using results.instance.exports.execute with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 50

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 59

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 67

Description: Calling setInterval with potentially unsafe data

Recommendation: Avoid using setInterval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 85

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 86

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 88

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 89

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 93

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 108

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 124

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 136

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\webassembly-security.js

Line: 142

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 135

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 137

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 175

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 135

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 205

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 19

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 34

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 120

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 132

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 137

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 3

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 8

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 13

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 15

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 18

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 20

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 23

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 25

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 28

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 30

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 33

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 35

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 38

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 40

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 43

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 47

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 52

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 54

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 57

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 61

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 111

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 117

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 121

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 125

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 142

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 145

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 151

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 162

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 167

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 172

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 176

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 181

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 183

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 186

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 189

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 195

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 197

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-random-number.js

Line: 200

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 114

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 95

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 105

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 114

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 8

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 23

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 95

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 105

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 8

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 23

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Insufficient Key Length - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 68

Description: Potentially insufficient encryption key length

Recommendation: Use encryption keys with sufficient length (at least 128 bits for symmetric encryption).

Insufficient Key Length - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 8

Description: Potentially insufficient encryption key length

Recommendation: Use encryption keys with sufficient length (at least 128 bits for symmetric encryption).

Insufficient Key Length - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 23

Description: Potentially insufficient encryption key length

Recommendation: Use encryption keys with sufficient length (at least 128 bits for symmetric encryption).

Insufficient Key Length - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 127

Description: Potentially insufficient encryption key length

Recommendation: Use encryption keys with sufficient length (at least 128 bits for symmetric encryption).

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 8

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 23

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 37

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 52

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 66

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 80

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 127

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 8

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 23

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 25

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 37

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 40

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 52

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 66

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 68

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 80

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 83

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 114

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 117

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 119

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 127

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 130

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 8

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 20

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 34

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 49

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 63

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 77

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 92

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 102

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 112

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 114

Description: Variable password appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\weak-encryption.js

Line: 124

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 12

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 25

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 42

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 56

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 76

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 89

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 102

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 115

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 134

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 152

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 261

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 279

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 298

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 351

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 365

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 379

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 411

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 424

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 434

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 452

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 470

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 484

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 500

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 515

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 546

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 562

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 582

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 590

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 697

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 710

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 723

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 736

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 649

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 243

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 623

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 649

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 221

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 223

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 230

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 600

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 636

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 649

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 393

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue 3 Teleport XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 483

Description: Potential XSS vulnerability via Vue 3 Teleport component

Recommendation: Ensure Teleport targets are not controlled by user input. Validate and sanitize all Teleport-related data.

Vue 3 Suspense XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 498

Description: Potential XSS vulnerability via Vue 3 Suspense component

Recommendation: Ensure Suspense fallback content is properly sanitized. Avoid user-controllable content in Suspense components.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 640

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 642

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 12

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-xss-vulnerabilities.js

Line: 25

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 12

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 188

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 30

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 48

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 66

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 84

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 224

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 494

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 297

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 756

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 18

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 36

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 54

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 72

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 90

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 107

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 120

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 140

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 158

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 176

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 194

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 212

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 230

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 248

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 267

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 285

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 303

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 321

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 339

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 357

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 370

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 383

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 397

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 410

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 424

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 438

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 457

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 482

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 500

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 518

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 538

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 558

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 576

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 594

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 607

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 620

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 633

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 646

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 659

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-router-security.js

Line: 673

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 7

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 14

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 21

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 30

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 40

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 51

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 171

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 172

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 179

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 180

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 181

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 189

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 200

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 207

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 208

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 209

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 216

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 225

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 232

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 233

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 234

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 235

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 243

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 252

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 253

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 254

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 262

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 270

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 294

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 303

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 312

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 321

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 328

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 329

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 336

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 346

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 355

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 362

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 363

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 364

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 372

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 383

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 390

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 391

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 392

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 400

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 411

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 418

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 419

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 420

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 7

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 14

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 21

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 23

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 30

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 40

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 43

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 51

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 54

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 69

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 70

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 171

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 172

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 179

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 180

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 181

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 189

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 200

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 207

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 208

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 209

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 216

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 225

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 232

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 233

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 234

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 235

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 243

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 252

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 253

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 254

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 262

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 270

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 285

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 286

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 294

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 296

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 303

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 306

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 312

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 315

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 321

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 328

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 329

Description: Accessing constructor property which may lead to security issues

Recommendation: Avoid accessing constructor directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 329

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 336

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 346

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 355

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 362

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 363

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 364

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 372

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 383

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 390

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 391

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 392

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 400

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 411

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 418

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 419

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 420

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 428

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 439

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 446

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 447

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-reactive-security.js

Line: 448

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 307

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 298

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 289

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 288

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 297

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 306

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 315

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 324

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 333

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 269

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 279

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 270

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 280

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 268

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 246

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 342

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 352

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 353

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 354

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 362

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 372

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 342

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 352

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 353

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 354

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 362

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 372

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 7

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 20

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 33

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 46

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 59

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 72

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 85

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 98

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 111

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 124

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 412

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 425

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 426

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 427

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 137

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 147

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 223

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Vue Component Event Listener Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 382

Description: Vue component event listener without proper cleanup

Recommendation: Remove Vue event listeners in beforeDestroy or beforeUnmount lifecycle hooks.

Vue Component Event Listener Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 392

Description: Vue component event listener without proper cleanup

Recommendation: Remove Vue event listeners in beforeDestroy or beforeUnmount lifecycle hooks.

Vue Component Event Listener Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 393

Description: Vue component event listener without proper cleanup

Recommendation: Remove Vue event listeners in beforeDestroy or beforeUnmount lifecycle hooks.

Vue Component Event Listener Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 394

Description: Vue component event listener without proper cleanup

Recommendation: Remove Vue event listeners in beforeDestroy or beforeUnmount lifecycle hooks.

Vue Component Event Listener Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 402

Description: Vue component event listener without proper cleanup

Recommendation: Remove Vue event listeners in beforeDestroy or beforeUnmount lifecycle hooks.

Vue Watcher Without Teardown - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-lifecycle-security.js

Line: 342

Description: Vue watcher without proper teardown

Recommendation: Save the unwatch function returned by $watch and call it when appropriate.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 176

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 191

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 206

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 220

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 233

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 246

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 259

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 273

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 287

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 301

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 315

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 342

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 357

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 372

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 386

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 412

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 399

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 68

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 70

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 77

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 81

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 83

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 90

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 422

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 647

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 104

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 122

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 140

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 158

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 543

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 565

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 587

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 609

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 762

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 783

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 804

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 825

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 12

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 51

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 64

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 77

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 90

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 126

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 176

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 190

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 191

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 205

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 206

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 220

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-directive-security.js

Line: 233

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Vulnerable Vue 2 Version - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 20

Description: Vue 2 version has known security vulnerabilities

Recommendation: Update Vue to version 2.6.14 or later, or migrate to Vue 3.

Vulnerable Vue 2 Version - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 27

Description: Vue 2 version has known security vulnerabilities

Recommendation: Update Vue to version 2.6.14 or later, or migrate to Vue 3.

Vulnerable Vue 2 Version - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 34

Description: Vue 2 version has known security vulnerabilities

Recommendation: Update Vue to version 2.6.14 or later, or migrate to Vue 3.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 451

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 454

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 458

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 461

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 465

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 468

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 472

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 475

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 479

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 482

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 486

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 489

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 493

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 496

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 5

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 12

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 19

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 26

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 33

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 40

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 47

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 54

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 61

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 68

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 75

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 82

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 89

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 96

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 103

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 110

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 117

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 124

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 131

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 138

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 145

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 152

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 159

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 166

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 173

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 180

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 187

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 194

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 201

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 208

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 215

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 222

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-dependency-vulnerabilities.js

Line: 229

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 219

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 249

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 101

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 139

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 222

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 252

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 176

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 198

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 120

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 130

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 158

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 168

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 183

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 191

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 205

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 213

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 242

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 272

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 284

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 290

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 313

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 318

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 323

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 340

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 345

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 350

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 512

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 527

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 542

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 557

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 577

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 599

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 219

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 249

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 129

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 167

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 241

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 271

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 111

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 149

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 232

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 262

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 307

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 334

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 359

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 373

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 388

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 401

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 417

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 436

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 101

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 110

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 111

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 120

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 130

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 139

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 148

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 149

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 158

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 168

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 176

Description: Assigning to el.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to el.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 176

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 183

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 191

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 198

Description: Assigning to el.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to el.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 198

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 205

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 213

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 222

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 231

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 232

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 242

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 252

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 261

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 262

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 272

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 284

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 290

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 295

Description: Variable apiKey appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 300

Description: Accessing prototype property which may lead to security issues

Recommendation: Avoid accessing prototype directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 301

Description: Accessing prototype property which may lead to security issues

Recommendation: Avoid accessing prototype directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 302

Description: Accessing prototype property which may lead to security issues

Recommendation: Avoid accessing prototype directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 305

Description: Accessing prototype property which may lead to security issues

Recommendation: Avoid accessing prototype directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 307

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 308

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 312

Description: Accessing prototype property which may lead to security issues

Recommendation: Avoid accessing prototype directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 313

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 317

Description: Assigning to Vue.prototype.$eval which may have security implications

Recommendation: Validate and sanitize data before assigning to Vue.prototype.$eval

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 317

Description: Accessing prototype property which may lead to security issues

Recommendation: Avoid accessing prototype directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 318

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 322

Description: Accessing prototype property which may lead to security issues

Recommendation: Avoid accessing prototype directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 334

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 335

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 340

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 344

Description: Assigning to app.config.globalProperties.$eval which may have security implications

Recommendation: Validate and sanitize data before assigning to app.config.globalProperties.$eval

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 345

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 358

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 359

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 372

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 373

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 392

Description: Assigning to Vue.config.evalEnabled which may have security implications

Recommendation: Validate and sanitize data before assigning to Vue.config.evalEnabled

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 405

Description: Assigning to app.config.evalEnabled which may have security implications

Recommendation: Validate and sanitize data before assigning to app.config.evalEnabled

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 416

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 417

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 435

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 436

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 490

Description: Property api-key appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 491

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 512

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 527

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 542

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 557

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 570

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 577

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 592

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-configuration-security.js

Line: 599

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 7

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 14

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 21

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 30

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 40

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 51

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 60

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 206

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 207

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 214

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 215

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 216

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 224

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 235

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 242

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 243

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 244

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 251

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 260

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 267

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 268

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 269

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 270

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 277

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 286

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 296

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 304

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 305

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 306

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 321

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 328

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 329

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 336

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 346

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 355

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 362

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 363

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 364

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 372

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 383

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 390

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 391

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 392

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 400

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 411

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 418

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 419

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 420

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 428

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 439

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 7

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 14

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 21

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 23

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 30

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 40

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 43

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 51

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 54

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 60

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 104

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 105

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 206

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 207

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 214

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 215

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 216

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 224

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 235

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 242

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 243

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 244

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 251

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 260

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 267

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 268

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 269

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 270

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 277

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 280

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 286

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 289

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 296

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 297

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 304

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 305

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 306

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 321

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 328

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 329

Description: Accessing constructor property which may lead to security issues

Recommendation: Avoid accessing constructor directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 329

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 336

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 346

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 355

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 362

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 363

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 364

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 372

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 383

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 390

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 391

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 392

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 400

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 411

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 418

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 419

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 420

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 428

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 439

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 446

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 447

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-composition-api.js

Line: 448

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 115

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 128

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 141

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 155

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 169

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 182

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 276

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 292

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 308

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 328

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 343

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 384

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 397

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 411

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 452

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 515

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 533

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 547

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 562

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 577

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 592

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 606

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 620

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 634

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 648

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 478

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 478

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 448

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 465

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 478

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue 3 Teleport XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 275

Description: Potential XSS vulnerability via Vue 3 Teleport component

Recommendation: Ensure Teleport targets are not controlled by user input. Validate and sanitize all Teleport-related data.

Vue 3 Teleport XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 291

Description: Potential XSS vulnerability via Vue 3 Teleport component

Recommendation: Ensure Teleport targets are not controlled by user input. Validate and sanitize all Teleport-related data.

Vue 3 Suspense XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 306

Description: Potential XSS vulnerability via Vue 3 Suspense component

Recommendation: Ensure Suspense fallback content is properly sanitized. Avoid user-controllable content in Suspense components.

Vue 3 Suspense XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 323

Description: Potential XSS vulnerability via Vue 3 Suspense component

Recommendation: Ensure Suspense fallback content is properly sanitized. Avoid user-controllable content in Suspense components.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 469

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 471

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 52

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 67

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 115

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 128

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 141

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 154

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 155

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 169

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 182

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 203

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 276

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\vue-component-security.js

Line: 292

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 10

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 16

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 76

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 184

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 10

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue 3.5+ defineAsyncComponent Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 183

Description: Vue 3.5+ defineAsyncComponent usage with potential security concern

Recommendation: Ensure async component loading is properly secured and does not expose sensitive information.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 183

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 10

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 15

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 16

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 76

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 184

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 193

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 194

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 5

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 11

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 17

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 22

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 27

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 32

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 37

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 42

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 47

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 52

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 60

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 65

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 70

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 84

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 89

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 94

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 99

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 104

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 109

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 114

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 119

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 124

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 129

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 134

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 139

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 144

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 149

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 154

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\unsafe-dynamic-import.js

Line: 159

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 458

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 681

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 47

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 48

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 53

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 115

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 116

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 167

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 168

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 228

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 231

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 232

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 233

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 234

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 239

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 300

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 301

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 305

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 357

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 358

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 366

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 367

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 375

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 376

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 508

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 509

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 644

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 646

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 648

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 649

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 653

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 660

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 662

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 665

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 684

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 449

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 456

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 61

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 406

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 697

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 61

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 406

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 697

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 109

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 58

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 172

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 246

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 310

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 386

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ui-redress.js

Line: 391

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 5

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 6

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 12

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 13

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 19

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 20

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 26

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 27

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 33

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 34

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 41

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 42

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 51

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 52

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 58

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 59

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 65

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 66

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 72

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 73

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 12

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 19

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 26

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 33

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 41

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 51

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 58

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 65

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 72

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 5

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 12

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 19

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 26

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 33

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 41

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 51

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 58

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 65

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 72

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 20

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 5

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 12

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 19

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 26

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 33

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-script.js

Line: 41

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 31

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 41

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 8

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 16

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 20

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 104

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 18

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 27

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 37

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 48

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 57

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 86

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 95

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 101

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 5

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 37

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 57

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 76

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 86

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 101

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 19

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 103

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 88

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 7

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 31

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 39

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 59

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 78

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 106

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 41

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 20

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 7

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 39

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 59

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 78

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 88

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 106

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 5

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 18

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 27

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 37

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 48

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 57

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 76

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 86

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 95

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 101

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 5

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 8

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 16

Description: Variable apiKey appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 18

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 20

Description: Property Authorization appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 27

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 31

Description: Assigning to document.body.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to document.body.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 31

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 37

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 48

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 57

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 76

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 86

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 95

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 101

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\third-party-api.js

Line: 104

Description: Property Authorization appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 6

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 37

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 38

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 39

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 47

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 50

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 53

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 59

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 60

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 61

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 62

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 1

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 31

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 14

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 16

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 14

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 16

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 13

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 16

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 20

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 13

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 14

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 15

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 16

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\test-rule-engine.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 6

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 12

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 18

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 30

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 36

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 42

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 78

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 102

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 108

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 114

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 126

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 132

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 138

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 144

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 150

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 46

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 48

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 6

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 12

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 18

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 24

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 30

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 36

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 42

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 48

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 54

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 60

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 66

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 72

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 78

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 84

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 90

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 96

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 102

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 108

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 114

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 120

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 126

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 132

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 138

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 144

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 150

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 154

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 46

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 48

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 46

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\template-injection.js

Line: 48

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 488

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 68

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 99

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 238

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 290

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 320

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 407

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 411

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 482

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 510

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 536

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 538

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 583

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 40

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 380

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 537

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 73

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 214

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 597

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 601

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 156

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 577

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 266

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 296

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 327

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 353

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 416

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 420

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 589

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 618

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 610

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 213

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 329

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 381

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 607

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 20

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 44

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 45

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 49

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 135

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 268

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 270

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 271

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 300

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 330

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 358

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 380

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 382

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 424

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\tabnabbing.js

Line: 590

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 92

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue 3 Teleport XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 116

Description: Potential XSS vulnerability via Vue 3 Teleport component

Recommendation: Ensure Teleport targets are not controlled by user input. Validate and sanitize all Teleport-related data.

Vue 3 Teleport XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 163

Description: Potential XSS vulnerability via Vue 3 Teleport component

Recommendation: Ensure Teleport targets are not controlled by user input. Validate and sanitize all Teleport-related data.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 79

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 127

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 209

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 5

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 10

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 40

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 42

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 44

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 79

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 104

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 115

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 133

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 138

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 144

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 149

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue 3 Teleport Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 116

Description: Vue 3 Teleport usage with potential security concern

Recommendation: Ensure Teleport targets are not controlled by user input to prevent DOM manipulation vulnerabilities.

Vue 3 Teleport Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 163

Description: Vue 3 Teleport usage with potential security concern

Recommendation: Ensure Teleport targets are not controlled by user input to prevent DOM manipulation vulnerabilities.

Location Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 92

Description: Potential HTTP header injection in Location header

Recommendation: Validate redirect URLs to ensure they point to trusted domains. Avoid open redirect vulnerabilities.

SVG XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 44

Description: Potential XSS via SVG content

Recommendation: Sanitize SVG content before rendering. Avoid using user-provided SVG directly.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 44

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 79

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 104

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 138

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 149

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 7

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 8

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 19

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 30

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 31

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 44

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 54

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 55

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 66

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 77

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 90

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 101

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 113

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 126

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 137

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 148

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 161

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 174

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 187

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 197

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 208

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 219

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\svg-xss.js

Line: 230

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 35

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 49

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 272

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 272

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 272

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 35

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 49

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 35

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 49

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 86

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 88

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 89

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 90

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 91

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 95

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 96

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 290

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 35

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 49

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 62

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 211

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 214

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 215

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 216

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 220

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 299

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 120

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 4

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 17

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 30

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 44

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 58

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\stored-xss.js

Line: 72

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 61

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 61

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 3

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 7

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 11

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 15

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 19

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 23

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 32

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 43

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 51

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 58

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 79

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 85

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 90

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 94

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 98

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 6

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 13

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 14

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 21

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 22

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 29

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 39

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 56

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 107

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 49

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 51

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 33

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 41

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 50

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 57

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 91

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 95

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 103

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 6

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 13

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 14

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 21

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 22

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 29

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ssr-injection.js

Line: 30

Description: Using fetchUserData which may have security implications

Recommendation: Review the usage of fetchUserData and ensure proper security measures are in place.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 18

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 34

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 46

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 47

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 69

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 70

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 74

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 93

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 112

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 113

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 118

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 131

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 132

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 135

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 154

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 155

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 160

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 177

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 200

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 201

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 203

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 205

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 207

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 208

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 209

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 20

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 56

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 98

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 165

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 181

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 211

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 11

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 17

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 26

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 11

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 17

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 26

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 11

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 17

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 26

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 21

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 22

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 57

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 58

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 59

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 99

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\social-engineering.js

Line: 100

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 30

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 35

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 112

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 116

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 128

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 45

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 55

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 65

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 118

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 45

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 30

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 47

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 57

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 67

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 120

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 15

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 30

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 40

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 48

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 58

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 68

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 121

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 140

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 145

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 45

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 55

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 65

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 118

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 7

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 45

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 55

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 65

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 118

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Headers - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 45

Description: Potential missing network headers

Recommendation: Add appropriate headers to network requests, such as Content-Type and Accept.

Missing Network Headers - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 55

Description: Potential missing network headers

Recommendation: Add appropriate headers to network requests, such as Content-Type and Accept.

Missing Network Headers - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 65

Description: Potential missing network headers

Recommendation: Add appropriate headers to network requests, such as Content-Type and Accept.

Missing Network Headers - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 118

Description: Potential missing network headers

Recommendation: Add appropriate headers to network requests, such as Content-Type and Accept.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 7

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 20

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 25

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 110

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 7

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 20

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 25

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 110

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 7

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 7

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 7

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 7

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 30

Description: Assigning to window.location.href which may have security implications

Recommendation: Validate and sanitize data before assigning to window.location.href

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 30

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 40

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 45

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 55

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 65

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-management.js

Line: 118

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 358

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 359

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 532

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 533

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 363

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 516

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 11

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 56

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 74

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 118

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 149

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 177

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 196

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 428

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 455

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 516

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 408

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 495

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 507

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 504

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 505

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 124

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 518

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 186

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 34

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 94

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 95

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 222

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 246

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 328

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 334

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 335

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 395

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 244

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-hijacking.js

Line: 295

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 25

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 30

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 128

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 130

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 134

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 157

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 179

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 184

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 221

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 228

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 230

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 232

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 259

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 262

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 272

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 286

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 291

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 307

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 309

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 314

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 316

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 317

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 320

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 323

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 325

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 326

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 327

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 348

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 353

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 354

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 356

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 443

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 445

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 446

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 498

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 502

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 503

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 535

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 536

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 577

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 579

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 590

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 591

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 599

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 602

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 608

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 617

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 628

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 592

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Plugin Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 89

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\session-fixation.js

Line: 523

Description: Assigning to req.session.preAllocationTime which may have security implications

Recommendation: Validate and sanitize data before assigning to req.session.preAllocationTime

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 211

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 216

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 221

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 227

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 105

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 106

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 107

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 108

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 113

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 114

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 115

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 78

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 79

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 86

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 87

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 94

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 95

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 149

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 155

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 163

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 175

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 189

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 151

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 157

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 181

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 191

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 150

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 164

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 180

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 190

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 32

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 33

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 114

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 12

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 19

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 26

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 33

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 40

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 47

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 54

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 61

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 68

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 80

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 88

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 96

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 199

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 199

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 211

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 216

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 5

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 12

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 19

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 26

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 33

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 40

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 47

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 54

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 61

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 68

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 80

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 88

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 96

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 120

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 121

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 122

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 149

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 150

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 151

Description: Property token appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 163

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 164

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 175

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 180

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 181

Description: Property token appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 187

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 189

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 190

Description: Property apiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 191

Description: Property token appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 199

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 211

Description: Assigning to window.location.hash which may have security implications

Recommendation: Validate and sanitize data before assigning to window.location.hash

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 211

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 216

Description: Assigning to window.location.href which may have security implications

Recommendation: Validate and sanitize data before assigning to window.location.href

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 216

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 221

Description: Assigning to window.location.href which may have security implications

Recommendation: Validate and sanitize data before assigning to window.location.href

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 221

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 227

Description: Assigning to window.location.href which may have security implications

Recommendation: Validate and sanitize data before assigning to window.location.href

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\sensitive-data-exposure.js

Line: 227

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 12

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 45

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 14

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 35

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 37

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 39

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 26

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 52

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 70

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 126

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 129

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 130

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 180

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 186

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 76

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 12

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 45

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 64

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 38

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 76

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

DOM-based XSS (Iframe) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 94

Description: Potential DOM-based XSS via iframe

Recommendation: Avoid using user-controllable values in iframe src attributes. Use sandbox attribute.

DOM-based XSS (Iframe) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 150

Description: Potential DOM-based XSS via iframe

Recommendation: Avoid using user-controllable values in iframe src attributes. Use sandbox attribute.

DOM-based XSS (Location Hash) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 45

Description: Potential DOM-based XSS via location hash

Recommendation: Avoid using location.hash directly without sanitization.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 12

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 13

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 14

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 144

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 6

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 14

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 20

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 26

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 32

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 52

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 58

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 64

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 70

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 76

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 82

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 88

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 94

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 100

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 106

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 112

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 118

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 125

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 12

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 14

Description: Assigning to document.body.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to document.body.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 14

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 39

Description: Assigning to element.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to element.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 39

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\reflected-xss.js

Line: 45

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 4

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 11

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 18

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 25

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 32

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 39

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 46

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 53

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 60

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 67

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 74

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 81

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 88

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 95

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 102

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 109

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 116

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 123

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 130

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 137

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 62

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Service Account Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 1

Description: Potential cloud service account security issue

Recommendation: Use service accounts with least privilege. Rotate service account keys regularly.

Container Orchestration Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 1

Description: Potential container orchestration security issue

Recommendation: Secure Kubernetes clusters. Implement RBAC. Use secrets management. Apply network policies.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 7

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 14

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 21

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 28

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 35

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 42

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 49

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 56

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 63

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 70

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 77

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 84

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 91

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 98

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 105

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 140

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 7

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 14

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 21

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 28

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 35

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 42

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 49

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 56

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 63

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 70

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\redos.js

Line: 77

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 90

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 92

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 95

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 99

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 100

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 90

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 44

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 11

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 18

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 72

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 73

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 11

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 18

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 44

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 54

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 56

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 11

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 18

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 44

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 1

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 4

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 32

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 52

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 67

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 85

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 17

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 92

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 95

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 13

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 25

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 39

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 45

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 60

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 73

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 78

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 100

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 10

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 33

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 53

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 54

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 68

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\rate-limiting.js

Line: 86

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 97

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 23

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 25

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 33

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 35

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 40

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 91

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 98

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 145

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 173

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 97

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 115

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 116

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 117

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 120

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 122

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 35

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 40

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 98

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 97

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 115

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 116

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 117

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 120

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 122

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 97

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 115

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 116

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 117

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 120

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 122

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Unsafe Route Parameter Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\prototype-pollution.js

Line: 97

Description: Route parameter used unsafely

Recommendation: Sanitize and validate route parameters before using them in templates or DOM manipulation.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 40

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 151

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 72

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 87

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 131

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 9

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 24

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 39

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 43

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 102

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 58

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

Session Fixation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 44

Description: Potential session fixation vulnerability

Recommendation: Regenerate session ID after login. Use secure session management.

Privilege Escalation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 136

Description: Potential privilege escalation vulnerability

Recommendation: Always verify user permissions before performing privileged operations.

Privilege Escalation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 154

Description: Potential privilege escalation vulnerability

Recommendation: Always verify user permissions before performing privileged operations.

Missing Account Lockout - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 40

Description: Missing account lockout mechanism

Recommendation: Implement account lockout after multiple failed login attempts to prevent brute force attacks.

Missing Two-Factor Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 44

Description: Missing two-factor authentication implementation

Recommendation: Implement two-factor authentication for sensitive accounts and operations.

Missing Two-Factor Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 45

Description: Missing two-factor authentication implementation

Recommendation: Implement two-factor authentication for sensitive accounts and operations.

LDAP Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 40

Description: Potential LDAP injection

Recommendation: Use proper LDAP escaping libraries. Avoid string concatenation.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 9

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 24

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 39

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 43

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 72

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 87

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 102

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 131

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 9

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 24

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 39

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 43

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 72

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 87

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 102

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 131

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 55

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 57

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 58

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 20

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 35

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 55

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 68

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 83

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 98

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 113

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 127

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\privilege-escalation.js

Line: 148

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 42

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 15

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 24

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 7

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 32

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 104

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 105

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 32

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 84

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 89

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 104

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 5

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 13

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 21

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 30

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 40

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 48

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 58

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 69

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 81

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 102

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 5

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 13

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 21

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 30

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 40

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 42

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 48

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 58

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 69

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 81

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 102

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 24

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 72

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 32

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 84

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 89

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 104

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 22

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 70

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 82

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

DOM Clobbering - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 24

Description: Potential DOM clobbering vulnerability

Recommendation: Avoid using DOM element IDs that conflict with JavaScript properties or window object properties.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 5

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 13

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 21

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 30

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 40

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 48

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

PostMessage XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 58

Description: Potential XSS via postMessage

Recommendation: Always validate origin of postMessage and sanitize received data.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 7

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 15

Description: Assigning to document.body.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to document.body.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 15

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 24

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 24

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 42

Description: Assigning to window.location.href which may have security implications

Recommendation: Validate and sanitize data before assigning to window.location.href

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\postmessage-xss.js

Line: 42

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 85

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 277

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 389

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 507

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 639

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 746

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 878

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 1047

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 1400

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 387

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 637

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 876

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 1045

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 1398

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 46

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 59

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 141

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 142

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 146

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 227

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 228

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 335

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 341

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 453

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 458

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 459

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 461

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 473

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 577

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 582

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 586

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 591

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 596

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 601

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 609

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 637

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 705

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 714

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 719

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 814

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 819

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 824

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 829

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 834

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 839

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 844

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 876

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 957

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 961

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\phishing.js

Line: 967

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 99

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 12

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 19

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 26

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 34

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 41

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 48

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 55

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 62

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 69

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 79

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 85

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 92

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 106

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 113

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 121

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 129

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 137

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 145

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 153

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 161

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 169

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 26

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 34

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 85

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 92

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 113

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 121

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 129

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 137

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 145

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 153

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 161

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 169

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 211

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 216

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 99

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 28

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 87

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 115

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 123

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 131

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 139

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 147

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 155

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 163

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 171

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 5

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 5

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 12

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 19

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 26

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 34

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 41

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 48

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 55

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 62

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 69

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 79

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 85

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 92

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 106

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 113

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 121

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 129

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 137

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 145

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 153

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 161

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\permission-management.js

Line: 169

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 126

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 144

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 40

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 17

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 41

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 76

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 90

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 111

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 137

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 41

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 55

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 90

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 118

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 126

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 144

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 40

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 40

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 112

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 11

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 18

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 56

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 98

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 120

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 130

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 138

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 146

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 155

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 70

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 84

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 33

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 154

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 144

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Input Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 40

Description: Potential API input validation issue

Recommendation: Validate all API inputs thoroughly. Use schema validation and parameter sanitization.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 127

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 76

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 41

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 8

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 15

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 24

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 31

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 38

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 46

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 53

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 60

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 67

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 74

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\path-traversal.js

Line: 91

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Hardcoded Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 45

Description: Possible hardcoded secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 100

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Client Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 45

Description: Possible hardcoded client secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 1

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 4

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 8

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 13

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 14

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 21

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 31

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 38

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 58

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 68

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 75

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 92

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 97

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 109

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 113

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 118

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 119

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 126

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 143

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 147

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 152

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 153

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 160

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 26

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 43

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 63

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 80

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 131

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 165

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 13

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 118

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 152

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 26

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 43

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 63

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 80

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 22

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 39

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 45

Description: Variable clientSecret appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 59

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 76

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 93

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 110

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 127

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 144

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\oauth-flow-vulnerability.js

Line: 161

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 6

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 9

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 15

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 18

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 24

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 28

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 34

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 35

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 36

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 50

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 53

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 59

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 62

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 77

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 83

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 89

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 94

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 118

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 119

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 120

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 145

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 148

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 154

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 157

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 163

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 174

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 180

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 181

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 182

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 186

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 188

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 192

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\nosql-injection.js

Line: 194

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 47

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 25

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 7

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 76

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 77

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 25

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 2

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 7

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 55

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 69

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 77

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 85

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 25

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 13

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 28

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 40

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 51

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 64

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 72

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 80

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 88

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 96

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 109

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 116

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 124

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 131

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 9

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 16

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 24

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 31

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 43

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 54

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 68

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 76

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 84

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 92

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 99

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 112

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 119

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 127

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

API Input Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 25

Description: Potential API input validation issue

Recommendation: Validate all API inputs thoroughly. Use schema validation and parameter sanitization.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 37

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 48

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 62

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-file-upload-security.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 26

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 25

Description: Possible hardcoded secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 11

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 26

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 6

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 8

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 9

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 11

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 19

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 20

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 25

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 27

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 6

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 8

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 9

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 11

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 19

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 20

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 25

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-env-security.js

Line: 27

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 8

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 48

Description: Possible hardcoded secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 6

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 23

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 24

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 45

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 50

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 51

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 52

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 53

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 57

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 12

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 28

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 43

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

Session Fixation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 16

Description: Potential session fixation vulnerability

Recommendation: Regenerate session ID after login. Use secure session management.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 8

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 36

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 37

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 38

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Missing Account Lockout - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 14

Description: Missing account lockout mechanism

Recommendation: Implement account lockout after multiple failed login attempts to prevent brute force attacks.

Missing Two-Factor Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 15

Description: Missing two-factor authentication implementation

Recommendation: Implement two-factor authentication for sensitive accounts and operations.

Missing Two-Factor Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 16

Description: Missing two-factor authentication implementation

Recommendation: Implement two-factor authentication for sensitive accounts and operations.

Missing Two-Factor Authentication - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 63

Description: Missing two-factor authentication implementation

Recommendation: Implement two-factor authentication for sensitive accounts and operations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 12

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 28

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 12

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 28

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 3

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 32

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 33

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 34

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 41

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 42

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 43

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 48

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 51

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 52

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 51

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 8

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 45

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 48

Description: Property secret appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 51

Description: Property tokenHost appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 52

Description: Property tokenPath appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-auth-security.js

Line: 53

Description: Property authorizePath appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

Hardcoded Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 49

Description: Possible hardcoded secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 50

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 48

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 68

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 80

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 30

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 35

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 52

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 57

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 71

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Plugin Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 7

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 111

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 117

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 122

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 150

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 30

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 52

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 57

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Axios Without CSRF - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 65

Description: Using Axios to send requests may be missing CSRF protection

Recommendation: Configure Axios to automatically include CSRF tokens, or manually add CSRF tokens in request headers.

Response Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 123

Description: Potential HTTP header injection vulnerability in response headers

Recommendation: Validate and sanitize all user input before setting response headers. Filter out newlines and control characters.

Response Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 124

Description: Potential HTTP header injection vulnerability in response headers

Recommendation: Validate and sanitize all user input before setting response headers. Filter out newlines and control characters.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 37

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 59

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 10

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 20

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 21

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 22

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 97

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 98

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 137

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 138

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 145

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 151

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 152

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 15

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 26

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 32

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 30

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 35

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 42

Description: Using axios.get which may have security implications

Recommendation: Review the usage of axios.get and ensure proper security measures are in place.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 48

Description: Variable apiKey appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 49

Description: Variable apiSecret appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 50

Description: Variable apiToken appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 52

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 57

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 65

Description: Using axios.post which may have security implications

Recommendation: Review the usage of axios.post and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 71

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 75

Description: Using https.request which may have security implications

Recommendation: Review the usage of https.request and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 116

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\new-rules-api-security.js

Line: 143

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 85

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 11

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 37

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 50

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 70

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 77

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 104

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 291

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 93

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 85

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 39

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 52

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 72

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 79

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 103

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 106

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 111

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 293

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 5

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 39

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 52

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 72

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 79

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 106

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 293

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 5

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 10

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 17

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 22

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 27

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 32

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 37

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 45

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 50

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 58

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 66

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 70

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 77

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 92

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 99

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 104

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 112

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 117

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 124

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 129

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 134

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 5

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 10

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 17

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 22

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 27

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 32

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 37

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 45

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 50

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 58

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 66

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 70

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 77

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 86

Description: Using .fetchData which may have security implications

Recommendation: Review the usage of .fetchData and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 92

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 99

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 104

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 112

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 117

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 124

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 129

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 134

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 139

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 144

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 149

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 154

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 159

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 164

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 169

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 174

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 179

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 186

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 191

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 196

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 201

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 206

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 211

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 216

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 221

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 226

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 231

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 236

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 241

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 246

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 251

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 256

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 261

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 266

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 271

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 276

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 281

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 286

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\network-requests.js

Line: 291

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 6

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 26

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 12

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 12

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 19

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 13

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 13

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Unsafe eval() Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 26

Description: Potentially unsafe use of eval()

Recommendation: Avoid using eval() with user input. Use safer alternatives like Function() or JSON.parse().

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 12

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 13

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 33

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 12

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 13

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 33

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 13

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 24

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 30

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 13

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 12

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 10

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 12

Description: Property dbPassword appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 13

Description: Property secretKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 14

Description: Property apiToken appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\more-vulnerabilities.js

Line: 26

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 10

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 152

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 47

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 59

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 10

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 33

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 35

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 91

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 62

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 105

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 155

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 33

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 35

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 91

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 33

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 35

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 91

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 116

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 117

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 133

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 134

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 101

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 105

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 10

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 30

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 31

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 34

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Insecure Certificate Verification - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 152

Description: Potential insecure certificate verification

Recommendation: Always verify SSL/TLS certificates. Never disable verification.

WebSocket Authentication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 103

Description: Potential WebSocket authentication issue

Recommendation: Implement proper WebSocket authentication. Validate connections before processing messages.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 105

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 116

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 133

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 11

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 12

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Length Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 11

Description: Input without length validation

Recommendation: Add length validation for inputs to prevent excessive data submission.

Missing Input Type Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 11

Description: Input without proper type validation

Recommendation: Use appropriate input types (e.g., email, number, tel) to enable browser validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 12

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 91

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 92

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 111

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 112

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 129

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 130

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 148

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-https.js

Line: 155

Description: Using https.get which may have security implications

Recommendation: Review the usage of https.get and ensure proper security measures are in place.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 81

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 82

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 132

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 164

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 165

Description: Possible hardcoded secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 163

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 94

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 9

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 29

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 46

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 63

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 111

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 132

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 164

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Password Complexity Requirements - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 164

Description: Missing or weak password complexity requirements

Recommendation: Implement strong password complexity requirements including length, uppercase, lowercase, numbers, and special characters.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 49

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 97

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 66

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 9

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 29

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 46

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 63

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 94

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 111

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 9

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 29

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 46

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 63

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 94

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 111

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 94

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 97

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 165

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 171

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 82

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 94

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 97

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 165

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 171

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 25

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 42

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 59

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 90

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 107

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 132

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 145

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 163

Description: Variable apiKey appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 164

Description: Variable dbPassword appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\missing-encryption.js

Line: 165

Description: Variable jwtSecret appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 55

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 205

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 163

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 5

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 103

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 12

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 19

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 96

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 37

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 92

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 103

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 55

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 205

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 35

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 54

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 72

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 161

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 184

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 204

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Web Worker Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 185

Description: Potential memory leak from Web Workers

Recommendation: Terminate Web Workers when no longer needed using worker.terminate().

Web Worker XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 185

Description: Potential XSS via Web Worker

Recommendation: Validate and sanitize data passed to Web Workers.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 195

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 220

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 55

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 205

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 163

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

WebSocket Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 73

Description: Potential WebSocket security issue

Recommendation: Validate WebSocket origin and implement proper authentication.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 163

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 163

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Missing Network Error Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 163

Description: Potential missing network error handling

Recommendation: Implement proper error handling for network requests to improve user experience.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 137

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 139

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 140

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 141

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 143

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 163

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 6

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 13

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 64

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 93

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 97

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 101

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 106

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 174

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 137

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 139

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 140

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 12

Description: Calling setInterval with potentially unsafe data

Recommendation: Avoid using setInterval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 19

Description: Calling setInterval with potentially unsafe data

Recommendation: Avoid using setInterval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 37

Description: Calling setTimeout with potentially unsafe data

Recommendation: Avoid using setTimeout with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 92

Description: Calling setTimeout with potentially unsafe data

Recommendation: Avoid using setTimeout with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 96

Description: Calling setInterval with potentially unsafe data

Recommendation: Avoid using setInterval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\memory-leaks.js

Line: 163

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 56

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 162

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 122

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 141

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 163

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 115

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 120

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 121

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 122

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 6

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 9

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 23

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 26

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 47

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 50

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 69

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 72

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 93

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 96

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 111

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 115

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 131

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 135

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 153

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 156

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 175

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 178

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 193

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 196

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 14

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 35

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 57

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 81

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 102

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 122

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 144

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 163

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 184

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 203

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Authentication Bypass - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 11

Description: Potential API authentication bypass vulnerability

Recommendation: Implement strong authentication for all API endpoints. Use secure token validation and session management.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 22

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 23

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 46

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 47

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 68

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 69

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 92

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 93

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 110

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 111

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 112

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 130

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 131

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 132

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 152

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 153

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 174

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 175

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 192

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\malicious-file-upload.js

Line: 193

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 71

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 5

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 15

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 71

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 5

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 71

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 71

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 14

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 15

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 14

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 15

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 29

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 30

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 34

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 35

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Unsafe Route Parameter Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 71

Description: Route parameter used unsafely

Recommendation: Sanitize and validate route parameters before using them in templates or DOM manipulation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 9

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 10

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 14

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 15

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 4

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 5

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 14

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 15

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 29

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\logging-security.js

Line: 30

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 136

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 138

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 45

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 47

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 8

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 19

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 26

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 33

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 40

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 47

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 54

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 61

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 68

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 75

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 82

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 89

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 96

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 103

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 110

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 117

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 124

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 131

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 138

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 145

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 45

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 47

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 45

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 47

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 13

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 136

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 138

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 13

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 136

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 138

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 136

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\ldap-injection.js

Line: 138

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 106

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 288

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 300

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 315

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 8

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 9

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 17

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 18

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 26

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 27

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 35

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 36

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 44

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 45

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 53

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 54

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 62

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 63

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 72

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 95

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 96

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 182

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 183

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 191

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 192

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 200

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 201

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 209

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 210

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 218

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 219

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 227

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 228

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 236

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 237

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 245

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 246

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 254

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 255

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 263

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 264

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 272

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 273

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 281

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 282

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 308

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 309

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-security.js

Line: 7

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 82

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 8

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 14

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 21

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 30

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 38

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 52

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 58

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 66

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 74

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 86

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JWT Algorithm Confusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 95

Description: Potential JWT algorithm confusion attack

Recommendation: Always explicitly specify algorithm in JWT verification. Do not accept "none" algorithm.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 82

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 3

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 6

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 8

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 12

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 14

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 19

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 21

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 28

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 30

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 36

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 38

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 43

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 45

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 50

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 52

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 56

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 58

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 64

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 66

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 72

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 74

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\jwt-algorithm-confusion.js

Line: 77

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 100

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 6

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 13

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 27

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 36

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 45

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 51

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 60

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 68

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 78

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 89

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 99

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 111

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 121

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 130

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 141

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 150

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 160

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 168

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 178

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 21

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 187

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 189

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 166

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 169

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 100

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 100

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 139

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 142

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 143

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 139

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 142

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 143

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 139

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 142

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 143

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 17

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 110

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\json-injection.js

Line: 111

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 9

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 11

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 12

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 3

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 5

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 9

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 11

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 15

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 17

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 21

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 23

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 27

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 29

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 71

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 3

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 5

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 9

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 11

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 15

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 17

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 21

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 23

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 27

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 29

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 71

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 9

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 11

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 12

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 9

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 11

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 12

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 5

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 6

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 12

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 23

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 24

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 5

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 6

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 11

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 12

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 24

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 9

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-random.js

Line: 11

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 33

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 56

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 79

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 103

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 126

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 152

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 207

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 9

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 30

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 53

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 76

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 99

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 123

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 146

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 174

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 203

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 227

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 9

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 30

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 53

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 76

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 99

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 123

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 146

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 174

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 203

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 227

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 9

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 30

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 53

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 76

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 99

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 123

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 146

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 174

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 203

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 227

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 176

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 33

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 56

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 25

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 26

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 48

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 49

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 71

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 72

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 94

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 95

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 118

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 119

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 141

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 142

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 169

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 170

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 198

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 199

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-password-storage.js

Line: 223

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 119

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 130

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Response Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 105

Description: Potential HTTP header injection vulnerability in response headers

Recommendation: Validate and sanitize all user input before setting response headers. Filter out newlines and control characters.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 8

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 76

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 117

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 23

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 37

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 63

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 90

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Missing Account Lockout - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 119

Description: Missing account lockout mechanism

Recommendation: Implement account lockout after multiple failed login attempts to prevent brute force attacks.

LDAP Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 119

Description: Potential LDAP injection

Recommendation: Use proper LDAP escaping libraries. Avoid string concatenation.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 8

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 23

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 37

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 63

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 76

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 90

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 117

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 8

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 23

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 37

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 63

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 76

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 90

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 117

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 120

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 120

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 120

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 89

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 90

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-http-method.js

Line: 92

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 9

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 21

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 33

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 46

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 58

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 74

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 90

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 106

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 122

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 135

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 89

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 105

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 115

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 119

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 121

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 125

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 128

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 132

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 134

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 138

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 9

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 90

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 122

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 21

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 106

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Weak Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 135

Description: Potentially weak encryption algorithm

Recommendation: Use strong encryption algorithms like AES-256-GCM. Avoid MD5, SHA1, DES.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 69

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 115

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 119

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 121

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 125

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 128

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 132

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 134

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 138

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 115

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 119

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 121

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 125

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 128

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 132

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 134

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 17

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 29

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 41

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 54

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 66

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 85

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 86

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 101

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 102

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 117

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-hash.js

Line: 130

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Hardcoded Private Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 132

Description: Possible hardcoded private key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 62

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 65

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 9

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 10

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 26

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 27

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 43

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 44

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 82

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 83

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 100

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 101

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 118

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 119

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 142

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 158

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 159

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 176

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 177

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure Certificate Verification - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 62

Description: Potential insecure certificate verification

Recommendation: Always verify SSL/TLS certificates. Never disable verification.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 9

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 26

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 43

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 82

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 100

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 118

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 158

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 176

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 26

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 62

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 82

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 83

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 100

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 118

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 132

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 133

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 135

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 141

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 158

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 22

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 23

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 39

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 40

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 58

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 65

Description: Using https.get which may have security implications

Recommendation: Review the usage of https.get and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 78

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 79

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 96

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 97

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 114

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 115

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 132

Description: Variable privateKey appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 139

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 154

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 155

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 172

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-certificate.js

Line: 173

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 5

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 6

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 12

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 13

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 19

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 20

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 26

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 27

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 33

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 34

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 40

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 41

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 47

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 48

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 54

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 55

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 61

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 62

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 68

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 69

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 12

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 19

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 26

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 33

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 40

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 47

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 54

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 61

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 68

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 5

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 12

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 19

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 26

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 33

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 40

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 47

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 54

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 61

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 68

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 5

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 12

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 19

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 26

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 33

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 40

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 47

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 54

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 61

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\insecure-cdn.js

Line: 68

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 42

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 115

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 215

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 214

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 17

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 33

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 48

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 57

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 66

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 75

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 86

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 97

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 106

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 121

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 130

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 139

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 148

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 177

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 194

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 205

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 216

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 225

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 17

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 33

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 48

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 57

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 66

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 75

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 86

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 97

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 106

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 121

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 130

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 139

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 148

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 177

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 194

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 205

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 216

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 225

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 42

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 115

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 214

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 193

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

DOM Clobbering - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 115

Description: Potential DOM clobbering vulnerability

Recommendation: Avoid using DOM element IDs that conflict with JavaScript properties or window object properties.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 104

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 106

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 108

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\input-validation.js

Line: 19

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 11

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 27

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 65

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 84

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 122

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 138

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 154

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 46

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 103

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 173

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 101

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 5

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 21

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 37

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 56

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 75

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 94

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 113

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 132

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 148

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Vue SSR Security Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 164

Description: Vue SSR usage with potential security concern

Recommendation: Review SSR implementation to ensure proper validation of server-side data and avoid exposing sensitive information to clients.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 44

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 120

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 14

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 30

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 49

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 68

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 87

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 106

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 125

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 141

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 157

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 176

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 5

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 21

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 37

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 56

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 75

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 94

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 113

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 132

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 148

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Hydration Mismatch - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 164

Description: Potential hydration mismatch vulnerability

Recommendation: Ensure server-rendered and client-rendered content match exactly.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 24

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 24

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 151

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\hydration-mismatch.js

Line: 154

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 81

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 82

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 84

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 86

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 87

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Response Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 10

Description: Potential HTTP header injection vulnerability in response headers

Recommendation: Validate and sanitize all user input before setting response headers. Filter out newlines and control characters.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 48

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 51

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 53

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 136

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 139

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 141

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 147

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 148

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 150

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 151

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 152

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 153

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 11

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 229

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 42

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 86

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 11

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 229

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 11

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 229

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 81

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 82

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 84

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 87

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 98

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 109

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 120

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 131

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 142

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 153

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 164

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-response-splitting.js

Line: 177

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 169

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 170

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 173

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 262

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 267

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 10

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 11

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 23

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 24

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 25

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 26

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 38

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 49

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 50

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 61

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 81

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 96

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 109

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 110

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 111

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 124

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 141

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 142

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 143

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 155

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 156

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 168

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 169

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 182

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 184

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 185

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 186

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 187

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 189

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 199

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 200

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 201

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 212

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 213

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 225

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 226

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 237

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 238

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-parameter-pollution.js

Line: 239

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 109

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 119

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 129

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 74

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 75

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 76

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 79

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 15

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 25

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 35

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 45

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 56

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 66

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 76

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 86

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 96

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 110

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 120

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 130

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 142

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 152

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 162

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 172

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 15

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 35

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 45

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 76

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 96

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 120

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 152

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 7

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 17

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 27

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 37

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 47

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 58

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 68

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 78

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 88

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 98

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 112

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 122

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 132

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 144

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 154

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 164

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 174

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 5

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 15

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 25

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 35

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 45

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 56

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 66

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 76

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 86

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 96

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 110

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 120

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 130

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 142

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 152

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 162

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\http-header-injection.js

Line: 172

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 9

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 11

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 13

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 99

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 123

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 114

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 116

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 120

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 124

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 12

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 12

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 116

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

DOM-based XSS (Iframe) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 93

Description: Potential DOM-based XSS via iframe

Recommendation: Avoid using user-controllable values in iframe src attributes. Use sandbox attribute.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 18

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 23

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 64

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 74

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 6

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 20

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 31

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 37

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 43

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 51

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 62

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 69

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 81

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 87

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 93

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 99

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 105

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 107

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 116

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 122

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 136

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 145

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 151

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 157

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 12

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 18

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 23

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 64

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 74

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 18

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 23

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 64

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 74

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 13

Description: Assigning to element.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to element.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\html-injection.js

Line: 13

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 85

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 88

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 89

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 91

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 92

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 115

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 173

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 261

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Response Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 176

Description: Potential HTTP header injection vulnerability in response headers

Recommendation: Validate and sanitize all user input before setting response headers. Filter out newlines and control characters.

Response Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 177

Description: Potential HTTP header injection vulnerability in response headers

Recommendation: Validate and sanitize all user input before setting response headers. Filter out newlines and control characters.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 47

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 189

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 226

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 161

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Missing Two-Factor Authentication - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 118

Description: Missing two-factor authentication implementation

Recommendation: Implement two-factor authentication for sensitive accounts and operations.

Missing Two-Factor Authentication - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 119

Description: Missing two-factor authentication implementation

Recommendation: Implement two-factor authentication for sensitive accounts and operations.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 11

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 22

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 23

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 34

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 36

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 63

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 64

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 91

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 103

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 132

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 162

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 163

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 176

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 190

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 191

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 203

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 214

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 227

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 239

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 252

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 269

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 270

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 271

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 272

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\host-header-injection.js

Line: 190

Description: Variable tokenUrl appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 29

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 59

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 87

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 114

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 141

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 168

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 195

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 222

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 249

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 274

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 10

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 23

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 24

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 41

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 71

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 99

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 126

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 153

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 180

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 207

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 234

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 261

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 23

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 10

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 23

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 24

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 36

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 37

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 38

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 66

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 67

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 68

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 94

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 95

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 96

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 121

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 122

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 123

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 148

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 149

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 150

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 175

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 176

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 177

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 202

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 203

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 204

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 229

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 230

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 231

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 256

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 257

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\graphql-injection.js

Line: 258

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 92

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 92

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 92

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 92

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 20

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 28

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 36

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 44

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 82

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 101

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 107

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 113

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 119

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 125

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 155

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 163

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 171

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 179

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 187

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 195

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 203

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 211

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 219

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 227

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 235

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 243

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 251

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 259

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 267

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 275

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 283

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 291

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 299

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 307

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Deletion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 87

Description: Potentially insecure file deletion

Recommendation: Validate file paths before deletion. Avoid deleting files based on user input.

Insecure File Deletion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 131

Description: Potentially insecure file deletion

Recommendation: Validate file paths before deletion. Avoid deleting files based on user input.

Insecure File Deletion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 137

Description: Potentially insecure file deletion

Recommendation: Validate file paths before deletion. Avoid deleting files based on user input.

Insecure File Deletion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 143

Description: Potentially insecure file deletion

Recommendation: Validate file paths before deletion. Avoid deleting files based on user input.

Insecure File Deletion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 149

Description: Potentially insecure file deletion

Recommendation: Validate file paths before deletion. Avoid deleting files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 6

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 12

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 50

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 56

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 62

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 68

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 77

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Unsafe Route Parameter Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 92

Description: Route parameter used unsafely

Recommendation: Sanitize and validate route parameters before using them in templates or DOM manipulation.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 94

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 11

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 17

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 18

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 25

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 26

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 33

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 34

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 41

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 42

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 49

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 55

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 61

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 67

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 76

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 81

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 86

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 100

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 106

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 112

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 118

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 124

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 130

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 136

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 142

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 148

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 154

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 160

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 161

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 168

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 169

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 176

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 177

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 184

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 185

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 192

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 193

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 200

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 201

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 208

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 209

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 216

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 217

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 224

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 225

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 232

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 233

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 240

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 241

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 248

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 249

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 256

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 257

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 264

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 265

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 272

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 273

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 280

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 281

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 288

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 289

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 296

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 297

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 304

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-operations.js

Line: 305

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 109

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 160

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Large Object Memory Leak - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 93

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 10

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 26

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 43

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 58

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 74

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 77

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 90

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 106

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 141

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 157

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 28

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 29

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 12

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 60

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 76

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 92

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 108

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 109

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 143

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 159

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 160

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 77

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 93

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 10

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 26

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 28

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 29

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 43

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 58

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 74

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 77

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 90

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 106

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 141

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 157

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 118

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 21

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 22

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 38

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 39

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 54

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 60

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 69

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 70

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 85

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 86

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 101

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 102

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 117

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 118

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 119

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 136

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 137

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 152

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\file-inclusion.js

Line: 153

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 25

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 19

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 20

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 10

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 74

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 79

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 98

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 103

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 108

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 113

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 98

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 103

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 108

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 113

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 19

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 20

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 19

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 20

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 5

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 5

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 24

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 5

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 24

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 25

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 5

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 10

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 15

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 20

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 25

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 65

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 74

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 79

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 98

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 103

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 108

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 113

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 47

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 56

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 78

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\error-handling.js

Line: 86

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 5

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 11

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 17

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 23

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 29

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 35

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 41

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 47

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 53

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 59

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 65

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 71

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 77

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 81

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 83

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 87

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 89

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 113

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 115

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 121

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 97

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 103

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 109

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 81

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 83

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 113

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 115

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

XPath Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 103

Description: Potential XPath injection

Recommendation: Use parameterized XPath queries. Avoid string concatenation.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-clobbering.js

Line: 81

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 6

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 14

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 18

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 21

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 53

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 68

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 93

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 108

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 154

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 166

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Write) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 15

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 8

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 41

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 43

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 46

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 69

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 71

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 90

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 92

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 95

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 98

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 100

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 102

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 109

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 117

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 125

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 138

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 147

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 158

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 173

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 176

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 187

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 191

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 29

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 78

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 87

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 87

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 36

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 28

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 35

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 61

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 77

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 85

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 101

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 115

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 36

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 172

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 189

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 134

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 6

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 8

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 8

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 14

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 15

Description: Calling document.write with potentially unsafe data

Recommendation: Avoid using document.write with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 21

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 29

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 46

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 46

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 53

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 62

Description: Calling setTimeout with potentially unsafe data

Recommendation: Avoid using setTimeout with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 68

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 69

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 71

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 71

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 93

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 95

Description: Assigning to element.outerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to element.outerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 95

Description: Accessing outerHTML property which may lead to security issues

Recommendation: Avoid accessing outerHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 102

Description: Calling document.body.insertAdjacentHTML with potentially unsafe data

Recommendation: Avoid using document.body.insertAdjacentHTML with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 102

Description: Accessing insertAdjacentHTML property which may lead to security issues

Recommendation: Avoid accessing insertAdjacentHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 108

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 109

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 109

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 117

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 117

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 125

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 125

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 138

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 138

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 147

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 147

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 154

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 158

Description: Assigning to element.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to element.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 158

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 166

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 173

Description: Assigning to tempDiv.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to tempDiv.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 173

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 191

Description: Assigning to element.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to element.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dom-based-xss.js

Line: 191

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

Vulnerable Axios Version - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 7

Description: Axios version has known security vulnerabilities

Recommendation: Update Axios to version 0.21.3 or later.

Vulnerable Axios Version - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 42

Description: Axios version has known security vulnerabilities

Recommendation: Update Axios to version 0.21.3 or later.

Vulnerable Webpack Version - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 45

Description: Webpack version has known security vulnerabilities

Recommendation: Update Webpack to version 5.0.0 or later.

Vulnerable Webpack Version - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 121

Description: Webpack version has known security vulnerabilities

Recommendation: Update Webpack to version 5.0.0 or later.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 28

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 118

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 85

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 86

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 87

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 28

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 118

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 28

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 118

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Missing Network Timeout - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 172

Description: Potential missing network timeout

Recommendation: Set appropriate timeouts for network requests to prevent hanging connections.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 172

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 167

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 171

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 175

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 183

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 187

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 191

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 207

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 209

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 216

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 218

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 226

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 168

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 176

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Timeout Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 172

Description: Potential API timeout handling issue

Recommendation: Implement proper timeout handling for API requests to prevent DoS attacks.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 109

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 127

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 143

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Transitive Dependency Vulnerability - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 127

Description: Potential transitive dependency vulnerability

Recommendation: Regularly audit transitive dependencies. Use dependency locking and security scanners.

Transitive Dependency Vulnerability - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 143

Description: Potential transitive dependency vulnerability

Recommendation: Regularly audit transitive dependencies. Use dependency locking and security scanners.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 45

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 121

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 5

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 16

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 27

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 38

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 44

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 53

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 64

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 74

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 84

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 93

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\dependency-vulnerabilities.js

Line: 102

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 86

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 125

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 59

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 204

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 125

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 125

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 125

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 5

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 23

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 110

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 115

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 214

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 219

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 244

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 249

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 5

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 23

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 110

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 115

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 214

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 219

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 244

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 249

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Insufficient Key Length - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 5

Description: Potentially insufficient encryption key length

Recommendation: Use encryption keys with sufficient length (at least 128 bits for symmetric encryption).

Insufficient Key Length - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 11

Description: Potentially insufficient encryption key length

Recommendation: Use encryption keys with sufficient length (at least 128 bits for symmetric encryption).

Insufficient Key Length - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 17

Description: Potentially insufficient encryption key length

Recommendation: Use encryption keys with sufficient length (at least 128 bits for symmetric encryption).

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 5

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 11

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 17

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 23

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 110

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Insecure Key Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 115

Description: Potentially insecure key management

Recommendation: Use secure key management practices. Avoid hardcoding keys or storing them in plain text.

Unsafe Route Parameter Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 125

Description: Route parameter used unsafely

Recommendation: Sanitize and validate route parameters before using them in templates or DOM manipulation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\data-encryption.js

Line: 214

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 103

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 85

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 129

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 133

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 149

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 150

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 167

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 171

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 69

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 74

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 175

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 179

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 185

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 10

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 89

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 90

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 108

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 113

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 1

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 22

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 6

Description: Possible hardcoded secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Secret - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 27

Description: Possible hardcoded secret

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 8

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 11

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 12

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 29

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 32

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 33

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 2

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Auth Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 8

Description: Possible hardcoded auth token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 8

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 29

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 108

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 113

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 296

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 297

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 89

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 102

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 103

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 85

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 129

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 133

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 167

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 171

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 265

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 89

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 124

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 125

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 1

Description: Variable password appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 2

Description: Variable API_KEY appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 3

Description: Variable SECRET_KEY appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 6

Description: Variable JWT_SECRET appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 7

Description: Variable ENCRYPTION_KEY appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 8

Description: Variable oauth_token appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 11

Description: Variable githubToken appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 12

Description: Variable slackToken appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 55

Description: Using axios.get which may have security implications

Recommendation: Review the usage of axios.get and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 59

Description: Calling child_process.execSync with potentially unsafe data

Recommendation: Avoid using child_process.execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 69

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 74

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 85

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 85

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 103

Description: Assigning to window.location.href which may have security implications

Recommendation: Validate and sanitize data before assigning to window.location.href

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 103

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 125

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 129

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 129

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 133

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 133

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 146

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 150

Description: Assigning to element.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to element.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 150

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 167

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 167

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 171

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 171

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 175

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 179

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\custom-rules-test.js

Line: 185

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 31

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 6

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 18

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 31

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 37

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 49

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 61

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 73

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 85

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 97

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 114

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 126

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 138

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 150

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 166

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 178

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 190

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 202

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 215

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 227

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 239

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 35

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 39

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 35

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 39

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 99

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 99

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 100

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 101

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 4

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 16

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 29

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 35

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 47

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 59

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 71

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 83

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 95

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 112

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 124

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 136

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 148

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 164

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 176

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 188

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 200

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 213

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 225

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 237

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\css-injection.js

Line: 99

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 16

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 27

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 37

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 48

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 63

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 73

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 83

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 92

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 103

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 118

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 125

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 5

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 16

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 27

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 37

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 48

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 63

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 73

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 83

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 92

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 103

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 125

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 7

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 18

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 29

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 39

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 51

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 65

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 75

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 94

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 105

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 127

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 10

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 21

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 42

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 54

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 68

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 78

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 97

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 108

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 130

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 16

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 27

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 118

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 10

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 21

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 42

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 54

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 68

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 5

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 16

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 27

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 37

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 48

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 63

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 73

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 83

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 92

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 103

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 118

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-vulnerabilities.js

Line: 125

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 106

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 319

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 336

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 402

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 414

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 481

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 512

Description: Possible hardcoded token

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 382

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 417

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 507

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 417

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

CSRF Token in Request Body - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 110

Description: CSRF token in request body without proper validation

Recommendation: Ensure CSRF tokens in request bodies are properly validated on the server side.

CSRF Token in Request Body - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 419

Description: CSRF token in request body without proper validation

Recommendation: Ensure CSRF tokens in request bodies are properly validated on the server side.

CSRF Token in Request Body - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 484

Description: CSRF token in request body without proper validation

Recommendation: Ensure CSRF tokens in request bodies are properly validated on the server side.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 413

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 420

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

DOM Clobbering - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 413

Description: Potential DOM clobbering vulnerability

Recommendation: Avoid using DOM element IDs that conflict with JavaScript properties or window object properties.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 87

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 318

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 26

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 31

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 66

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 71

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 115

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 116

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 132

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 134

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 138

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 142

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 159

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 163

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 188

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 226

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 245

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 250

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 255

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 271

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 278

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 295

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 304

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 342

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 354

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 355

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 356

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 406

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 106

Description: Variable globalToken appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 230

Description: Calling executeAction with potentially unsafe data

Recommendation: Avoid using executeAction with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 319

Description: Variable returnUrlWithToken appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 342

Description: Calling executeOperationWithoutToken with potentially unsafe data

Recommendation: Avoid using executeOperationWithoutToken with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csrf-token-bypass.js

Line: 481

Description: Variable token appears to contain a hardcoded secret

Recommendation: Move sensitive data to environment variables or a secure vault

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 81

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 56

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 57

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 65

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

DOM-based XSS (Script Source) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 66

Description: Potential DOM-based XSS vulnerability via script source manipulation

Recommendation: Avoid dynamically setting script sources. Use Content Security Policy to restrict script sources.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 13

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 21

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 56

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 65

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 72

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 79

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 87

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 45

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 5

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 13

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 21

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 56

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 65

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 72

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 79

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 87

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Response Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 47

Description: Potential HTTP header injection vulnerability in response headers

Recommendation: Validate and sanitize all user input before setting response headers. Filter out newlines and control characters.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 1

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 4

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 6

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 12

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 14

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 20

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 22

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 27

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 28

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 33

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 40

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 41

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 46

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 47

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 55

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 62

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 71

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 78

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 86

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

SVG XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 81

Description: Potential XSS via SVG content

Recommendation: Sanitize SVG content before rendering. Avoid using user-provided SVG directly.

DOM-based XSS (Iframe) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 73

Description: Potential DOM-based XSS via iframe

Recommendation: Avoid using user-controllable values in iframe src attributes. Use sandbox attribute.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 58

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 67

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 74

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 81

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 89

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 29

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\csp-bypass.js

Line: 42

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 74

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 85

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 86

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 87

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 51

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 97

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 49

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 32

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 33

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 34

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 74

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 5

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 10

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 15

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 20

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 34

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 39

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 44

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 51

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 61

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 65

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 69

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 81

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 86

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 87

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 92

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 97

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 104

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 109

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 114

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 119

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 124

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 129

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 65

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 81

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 97

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 74

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 74

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 25

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 26

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 60

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 61

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 74

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 75

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 5

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 10

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 15

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 20

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 25

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 26

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 27

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 34

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 39

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 44

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 61

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 65

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 69

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 81

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 87

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 92

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 97

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 104

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 109

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 114

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 119

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 124

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-security.js

Line: 129

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 90

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 103

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Storage) - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 127

Description: Potential DOM-based XSS vulnerability via local/session storage

Recommendation: Avoid directly using storage values in DOM manipulation. Sanitize storage data before use.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 151

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 205

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 212

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 90

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 103

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 139

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 141

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 172

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 173

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 190

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 192

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 193

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 235

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 83

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 118

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 246

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 90

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 91

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 103

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 7

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 14

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 22

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 29

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 30

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 40

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 50

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 51

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 60

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 73

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 82

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 83

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 95

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 106

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 114

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 115

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 117

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 130

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 139

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 141

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 145

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 153

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 161

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 7

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 14

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 22

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 30

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 40

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 51

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 60

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 73

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 83

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 90

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 95

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 103

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 106

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 115

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 130

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 145

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 153

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 163

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 181

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 198

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 208

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 215

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 226

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 231

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 238

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 246

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\cookie-bomb.js

Line: 254

Description: Assigning to document.cookie which may have security implications

Recommendation: Validate and sanitize data before assigning to document.cookie

SQL Injection via Sequelize - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 124

Description: Potential SQL injection through user input in Sequelize queries

Recommendation: Always use parameterized queries or Sequelize's built-in query builders. Never concatenate user input directly into SQL queries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 122

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 124

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 9

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 17

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 24

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 39

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 45

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 52

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 59

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 65

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 74

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 80

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 89

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 95

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 104

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 118

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 125

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 131

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 140

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 146

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 9

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 24

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 38

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 45

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 58

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 65

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 80

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 88

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 95

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 103

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 117

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 124

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 131

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 139

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 146

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 131

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 24

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 45

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 59

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 74

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 89

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 104

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 118

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 125

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 140

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 146

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 52

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 9

Description: Calling exec with potentially unsafe data

Recommendation: Avoid using exec with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 17

Description: Calling spawn with potentially unsafe data

Recommendation: Avoid using spawn with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 24

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 30

Description: Calling execFile with potentially unsafe data

Recommendation: Avoid using execFile with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 39

Description: Calling exec with potentially unsafe data

Recommendation: Avoid using exec with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 45

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 52

Description: Calling spawn with potentially unsafe data

Recommendation: Avoid using spawn with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 59

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 65

Description: Calling exec with potentially unsafe data

Recommendation: Avoid using exec with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 74

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 80

Description: Calling exec with potentially unsafe data

Recommendation: Avoid using exec with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 89

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 95

Description: Calling exec with potentially unsafe data

Recommendation: Avoid using exec with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 104

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 110

Description: Calling spawnSync with potentially unsafe data

Recommendation: Avoid using spawnSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 118

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 125

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 131

Description: Calling exec with potentially unsafe data

Recommendation: Avoid using exec with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 140

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\command-injection.js

Line: 146

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 77

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 104

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 153

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 172

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 201

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 231

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 234

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 237

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 259

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 283

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 350

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 353

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 356

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 387

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 447

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 469

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 501

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 532

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 581

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 15

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 78

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 105

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 132

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 573

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 374

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 552

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 16

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 50

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 80

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 107

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 133

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 175

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Insecure Form Submission - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 314

Description: Form submission may be missing CSRF protection

Recommendation: Add CSRF hidden field to forms and validate tokens on the server side.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 299

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 405

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 559

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 567

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 380

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 41

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 42

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 573

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 302

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 410

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 560

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 374

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\clickjacking.js

Line: 552

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 23

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 27

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 51

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 59

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 90

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 99

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 103

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 130

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 137

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 27

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 51

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 130

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 115

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 116

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 128

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 130

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 4

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 6

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 22

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 26

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 34

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 40

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 68

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 113

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 120

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 153

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 155

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 177

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 182

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 103

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 103

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 103

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 17

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 26

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 27

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 75

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 76

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 81

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 116

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 138

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 139

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 155

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 162

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 187

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 14

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 22

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 23

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\business-logic-flaw.js

Line: 72

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 103

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 104

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 29

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 37

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 41

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 51

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 61

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 103

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 104

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Missing Account Lockout - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 6

Description: Missing account lockout mechanism

Recommendation: Implement account lockout after multiple failed login attempts to prevent brute force attacks.

Missing Account Lockout - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 29

Description: Missing account lockout mechanism

Recommendation: Implement account lockout after multiple failed login attempts to prevent brute force attacks.

Missing Account Lockout - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 8

Description: Missing account lockout mechanism

Recommendation: Implement account lockout after multiple failed login attempts to prevent brute force attacks.

Missing Account Lockout - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 93

Description: Missing account lockout mechanism

Recommendation: Implement account lockout after multiple failed login attempts to prevent brute force attacks.

Missing Account Lockout - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 115

Description: Missing account lockout mechanism

Recommendation: Implement account lockout after multiple failed login attempts to prevent brute force attacks.

Missing Two-Factor Authentication - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 117

Description: Missing two-factor authentication implementation

Recommendation: Implement two-factor authentication for sensitive accounts and operations.

LDAP Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 29

Description: Potential LDAP injection

Recommendation: Use proper LDAP escaping libraries. Avoid string concatenation.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 55

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 121

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 51

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 61

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 51

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 61

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 74

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 108

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 6

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 8

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 13

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 23

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 29

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 37

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 41

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 50

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 55

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 57

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 61

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 80

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 83

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 91

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 93

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 103

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\brute-force.js

Line: 47

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 163

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 181

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 182

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 14

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 181

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 182

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 181

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 182

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 57

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 163

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 324

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 14

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 163

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 324

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 127

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 163

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 236

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 4

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\blind-xss.js

Line: 20

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 79

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 80

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 81

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 86

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 87

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 89

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 117

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 220

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 81

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 127

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 137

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 147

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 159

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 166

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 177

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 188

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 199

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 206

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 217

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 227

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 235

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 245

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 255

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 263

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 271

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 278

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 285

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 292

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 299

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 311

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 321

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 81

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 127

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 137

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 147

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 166

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 177

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 188

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 206

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 217

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 227

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 245

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 255

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 263

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 285

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 292

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 299

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 311

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 321

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 81

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 127

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 137

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 147

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 159

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 166

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 177

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 188

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 199

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 206

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 217

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 220

Description: Property Authorization appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 227

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 235

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 245

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 255

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 263

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 271

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 278

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 285

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 292

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 299

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 311

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\authentication-authorization.js

Line: 321

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 12

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 20

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 5

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 13

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 21

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 29

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 37

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 45

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 53

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 61

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 69

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 77

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 85

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 93

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 101

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 109

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 117

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 128

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 134

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 141

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 148

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 157

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 165

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 173

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 181

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 189

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 197

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 205

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 213

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 221

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 229

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 237

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 245

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 253

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 261

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 5

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 13

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 21

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 29

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 37

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 45

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 53

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 61

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 69

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 77

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 85

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 93

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 101

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 109

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 117

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 5

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 13

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 21

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 29

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 37

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 45

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 53

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 61

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 69

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 77

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 85

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 93

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 101

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 109

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 117

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 128

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 134

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 141

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 148

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 157

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 165

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 173

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 181

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 189

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 197

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 205

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 213

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 221

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 229

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 237

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 245

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 253

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\api-security.js

Line: 261

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 22

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 62

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 55

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 86

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 54

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 61

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 65

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 68

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 84

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 41

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Hardcoded API Key - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 45

Description: Possible hardcoded API key

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 61

Description: Vue router usage with potential security concern

Recommendation: Validate and sanitize route parameters and destinations to prevent open redirects and parameter pollution.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 28

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 4

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 29

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router Navigation Guard Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 11

Description: Vue Router navigation guard usage with potential security concern

Recommendation: Ensure navigation guards properly validate route transitions and user permissions to prevent unauthorized access.

Vue Router Navigation Guard Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 19

Description: Vue Router navigation guard usage with potential security concern

Recommendation: Ensure navigation guards properly validate route transitions and user permissions to prevent unauthorized access.

Circular Reference - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 65

Description: Potential circular reference causing memory leak

Recommendation: Avoid creating circular references, especially between different objects.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 22

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 62

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

DOM Clobbering - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 62

Description: Potential DOM clobbering vulnerability

Recommendation: Avoid using DOM element IDs that conflict with JavaScript properties or window object properties.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 21

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 54

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 61

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 65

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 68

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 84

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 41

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 69

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 86

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 69

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 21

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 54

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 61

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 65

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 68

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 84

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 21

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 54

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 61

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 65

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 68

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 84

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 22

Description: Assigning to window.location.href which may have security implications

Recommendation: Validate and sanitize data before assigning to window.location.href

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 22

Description: Accessing location property which may lead to security issues

Recommendation: Avoid accessing location directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 41

Description: Property password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 45

Description: Property googleMapsApiKey appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 55

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 62

Description: Assigning to .innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to .innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 62

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\advanced-vulnerabilities.js

Line: 86

Description: Calling eval with potentially unsafe data

Recommendation: Avoid using eval with user-provided data. Consider using safer alternatives.

Hardcoded Password - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 23

Description: Possible hardcoded password

Recommendation: Move sensitive credentials to environment variables or secure vault systems.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 45

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 47

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 50

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 55

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 116

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 125

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 161

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 55

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 125

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 148

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 32

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 84

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 97

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 157

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 163

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 98

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 135

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Insecure Password Storage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 23

Description: Potentially insecure password storage

Recommendation: Never store passwords in plain text. Use bcrypt, scrypt, or argon2 for password hashing.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 33

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 88

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 89

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 102

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 136

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 158

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 164

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 68

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 70

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 167

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 169

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 32

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 84

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 97

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 98

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 135

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 157

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 163

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 32

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 84

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 97

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 98

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 135

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 23

Description: Property db_password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 41

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 78

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 112

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\access-control.js

Line: 144

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 63

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

Circular Reference - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 17

Description: Potential circular reference causing memory leak

Recommendation: Avoid creating circular references, especially between different objects.

Circular Reference - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 441

Description: Potential circular reference causing memory leak

Recommendation: Avoid creating circular references, especially between different objects.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 109

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 110

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 164

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 166

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 246

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 248

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 73

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 206

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 289

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 85

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 92

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 107

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 112

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 130

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 137

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 145

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 153

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 176

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 194

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 201

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 221

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 232

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 236

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 273

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 274

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 279

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 292

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 303

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 314

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 315

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 318

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 324

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 343

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 349

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 350

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 351

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 352

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 476

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 83

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 143

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 58

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 270

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 41

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 8

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 9

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 10

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 11

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 12

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 13

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\scanner.js

Line: 227

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 47

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 90

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 95

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 100

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 105

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 55

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 40

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 52

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 52

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 64

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 81

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 83

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 20

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 21

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 22

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 23

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 78

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 81

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 83

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 90

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 95

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 100

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 105

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 110

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 115

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 134

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 22

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 23

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 78

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 81

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 83

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 90

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 95

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 100

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 105

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 110

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Generic Business Logic Vulnerability - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 115

Description: Potential business logic vulnerability

Recommendation: Review business logic for security issues. Test edge cases and unusual input combinations. Implement defensive programming practices.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 10

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 11

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

Business Rule Violation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 17

Description: Potential business rule violation

Recommendation: Implement server-side enforcement of business rules. Validate all business operations against defined rules.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\ignore-manager.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 13

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 11

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 52

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 5

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 9

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 19

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 23

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 28

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 32

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 37

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 41

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 46

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 51

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 19

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Data Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 19

Description: Missing or inadequate business data validation

Recommendation: Implement comprehensive data validation for all business inputs. Validate data types, ranges, formats, and business rules.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 13

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 55

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

WebAssembly Code Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 55

Description: Potential WebAssembly code injection vulnerability

Recommendation: Validate and sanitize all input to WebAssembly modules. Avoid dynamic code generation. Use proper isolation for WebAssembly modules.

WebAssembly Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 19

Description: Missing or inadequate WebAssembly validation

Recommendation: Validate all WebAssembly modules before instantiation. Use proper module signing. Implement integrity checks for WebAssembly code.

WebAssembly Communication Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 13

Description: Potential WebAssembly communication security issue

Recommendation: Secure communication between WebAssembly and JavaScript. Validate all data passed between WebAssembly and JavaScript. Use structured cloning for complex data.

WebAssembly Communication Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 55

Description: Potential WebAssembly communication security issue

Recommendation: Secure communication between WebAssembly and JavaScript. Validate all data passed between WebAssembly and JavaScript. Use structured cloning for complex data.

Console Log in Production - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 13

Description: 检测生产环境中的console.log

Recommendation: 移除或使用日志库替代console.log

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\helpers.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 40

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 41

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 18

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 30

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 37

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 45

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 31

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 54

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 18

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 30

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 16

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 7

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 16

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 18

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 25

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 60

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 4

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 7

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 16

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 18

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 25

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 60

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 37

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Data Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 40

Description: Missing or inadequate business data validation

Recommendation: Implement comprehensive data validation for all business inputs. Validate data types, ranges, formats, and business rules.

Business Data Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 41

Description: Missing or inadequate business data validation

Recommendation: Implement comprehensive data validation for all business inputs. Validate data types, ranges, formats, and business rules.

Business Logic Concurrency Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 31

Description: Potential concurrency issue in business logic

Recommendation: Implement proper concurrency control. Use transactions for critical operations. Handle race conditions gracefully.

Transaction Management Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 4

Description: Potential transaction management issue

Recommendation: Use atomic transactions for critical business operations. Implement proper error handling and rollback mechanisms.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 18

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 20

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 30

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 31

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Mobile App Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 25

Description: Potential mobile app permissions issue

Recommendation: Request only necessary permissions. Use runtime permission requests. Implement permission justification.

Mobile App Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 32

Description: Potential mobile app permissions issue

Recommendation: Request only necessary permissions. Use runtime permission requests. Implement permission justification.

Mobile App Network Communication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 25

Description: Potential mobile app network communication security issue

Recommendation: Use HTTPS for all network communications. Implement certificate pinning. Validate server certificates.

Mobile App Network Communication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 32

Description: Potential mobile app network communication security issue

Recommendation: Use HTTPS for all network communications. Implement certificate pinning. Validate server certificates.

Mobile App Code Obfuscation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 25

Description: Missing or inadequate mobile app code obfuscation

Recommendation: Implement code obfuscation for mobile apps. Use ProGuard for Android. Use App Transport Security for iOS.

Mobile App Code Obfuscation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\utils\error-handler.js

Line: 32

Description: Missing or inadequate mobile app code obfuscation

Recommendation: Implement code obfuscation for mobile apps. Use ProGuard for Android. Use App Transport Security for iOS.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 15

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 45

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 17

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 47

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 5

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 35

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 5

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 35

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 5

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 15

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 35

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 45

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 5

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 15

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 35

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 45

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 5

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 15

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 35

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 45

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 6

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 36

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 11

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 41

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 7

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 37

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Network Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 18

Description: Potential cloud network security issue

Recommendation: Implement proper network segmentation. Use VPCs, security groups, and network ACLs.

Cloud Network Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 48

Description: Potential cloud network security issue

Recommendation: Implement proper network segmentation. Use VPCs, security groups, and network ACLs.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 28

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 58

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 26

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 8

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 9

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 10

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 11

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 12

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 13

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 14

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 15

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 16

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 17

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 18

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 19

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 20

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 21

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 22

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 23

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 24

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 25

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 26

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 27

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 28

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 29

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\security-rules.js

Line: 30

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 80

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 173

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 47

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 105

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 70

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 75

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 25

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 117

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 70

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 75

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 70

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 75

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 90

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Weak Random Number Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 117

Description: Potentially weak random number generation

Recommendation: For cryptographically secure random numbers, use crypto.getRandomValues() or crypto.randomBytes() with proper callback handling.

Insecure Random Generation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 117

Description: Potentially insecure random number generation

Recommendation: Use crypto.randomBytes() or crypto.getRandomValues() for cryptographic randomness.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 7

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 8

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 101

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 102

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Cache Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 16

Description: Potential API cache security issue

Recommendation: Implement proper cache control for API responses. Avoid caching sensitive data.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 7

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 8

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 11

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 101

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 102

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 190

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 212

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 65

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 92

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 173

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 175

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 177

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\rule-engine.js

Line: 25

Description: Calling regex.exec with potentially unsafe data

Recommendation: Avoid using regex.exec with user-provided data. Consider using safer alternatives.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 76

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 77

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 79

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 80

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 82

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 113

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 14

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 15

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 20

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 39

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 42

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 46

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 47

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 52

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 76

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 77

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 82

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 106

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 107

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 110

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 112

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 117

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 118

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 123

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 134

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 14

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 15

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 20

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 39

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\custom-rules.js

Line: 42

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 9

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 14

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 16

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 17

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 19

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 107

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 14

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 16

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 17

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 19

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 59

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 107

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 117

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 119

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue 3 Teleport XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 89

Description: Potential XSS vulnerability via Vue 3 Teleport component

Recommendation: Ensure Teleport targets are not controlled by user input. Validate and sanitize all Teleport-related data.

Vue 3 Suspense XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 99

Description: Potential XSS vulnerability via Vue 3 Suspense component

Recommendation: Ensure Suspense fallback content is properly sanitized. Avoid user-controllable content in Suspense components.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 103

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 104

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 106

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 109

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 121

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 130

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

XSS via Route Parameters - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 170

Description: Potential XSS vulnerability via route parameters

Recommendation: Sanitize route parameters before using them in templates or DOM manipulation.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 79

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 164

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 170

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\xss-rules.js

Line: 164

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 73

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 76

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 53

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 64

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 87

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 97

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 98

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 108

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 109

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 21

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 42

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 43

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 53

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 54

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 64

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 65

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 75

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 76

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 86

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 87

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 97

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 98

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 108

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 109

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 29

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 40

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 73

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 84

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 95

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 95

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\webassembly-security-rules.js

Line: 51

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Vue 3 Teleport XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 71

Description: Potential XSS vulnerability via Vue 3 Teleport component

Recommendation: Ensure Teleport targets are not controlled by user input. Validate and sanitize all Teleport-related data.

Vue 3 Suspense XSS - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 82

Description: Potential XSS vulnerability via Vue 3 Suspense component

Recommendation: Ensure Suspense fallback content is properly sanitized. Avoid user-controllable content in Suspense components.

Vue Router 4 Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 122

Description: Vue Router 4 usage with potential security concern

Recommendation: Review Vue Router 4 usage to ensure proper validation of route parameters and navigation guards.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 132

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 148

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 162

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 173

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 175

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 163

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

Vue Slot Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 221

Description: Vue slot usage with potential security concern

Recommendation: Be cautious with slot content from untrusted sources.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 107

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 107

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 107

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 22

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 23

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 33

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 34

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 44

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 45

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 46

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 47

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 48

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 58

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 59

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 60

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 61

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 71

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 72

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 82

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 83

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 93

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 94

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 95

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\vue-specific-rules.js

Line: 105

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 32

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 32

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 29

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 32

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 31

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 32

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 29

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 53

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 64

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 87

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 97

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 98

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 108

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 109

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\supply-chain-rules.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

SSR Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 9

Description: Potential Server-Side Rendering injection

Recommendation: Sanitize all user-provided data before rendering on the server.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 10

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 20

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 21

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 10

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 20

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 21

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 10

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 20

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 21

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\ssr-rules.js

Line: 21

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

SQL Injection via Sequelize - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 7

Description: Potential SQL injection through user input in Sequelize queries

Recommendation: Always use parameterized queries or Sequelize's built-in query builders. Never concatenate user input directly into SQL queries.

SQL Injection via Sequelize - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 9

Description: Potential SQL injection through user input in Sequelize queries

Recommendation: Always use parameterized queries or Sequelize's built-in query builders. Never concatenate user input directly into SQL queries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 7

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 9

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 13

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 14

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 16

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 17

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 19

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 39

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 7

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 9

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 13

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 14

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 16

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 17

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 19

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 39

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 7

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 9

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 13

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 14

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 16

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 17

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 19

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\sql-injection-rules.js

Line: 39

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 18

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 21

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 51

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 18

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 53

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 64

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 73

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 87

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 97

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 98

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 108

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 109

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 18

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 21

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 42

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 43

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 53

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 54

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 64

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 65

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 73

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 75

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 76

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 86

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\security-monitoring-rules.js

Line: 87

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 53

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 54

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 56

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 59

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 7

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 17

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 27

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 37

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 47

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 57

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 67

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 77

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 1

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 13

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 14

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 16

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 19

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 23

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 24

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 26

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 29

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 53

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 54

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 56

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 59

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 63

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 64

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 66

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 69

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 73

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 74

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 76

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 79

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 84

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 1

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 13

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 14

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 16

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 19

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 23

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 24

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 26

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\secrets-rules.js

Line: 29

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 7

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 44

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 137

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 138

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 140

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 141

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 45

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 22

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 33

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

Missing HTTPS Enforcement - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 34

Description: Potential missing HTTPS enforcement

Recommendation: Always use HTTPS in production. Implement HSTS header.

HTTP/2 Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 110

Description: Potential HTTP/2 security issue

Recommendation: Implement proper HTTP/2 security configurations. Monitor for HTTP/2 specific attacks.

WebSocket Compression - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 132

Description: Potential WebSocket compression security issue

Recommendation: Implement proper WebSocket compression settings. Monitor for compression attacks.

Network Proxy Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 155

Description: Potential network proxy security issue

Recommendation: Configure proxies securely. Avoid using untrusted proxies.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 166

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 171

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 173

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 174

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 176

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 22

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 22

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 7

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 11

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 12

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 22

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 23

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 33

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 34

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 44

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 45

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 55

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 56

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 66

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 67

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\network-rules.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 21

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 65

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 21

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 62

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 65

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 21

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 62

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 65

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 21

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 65

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 53

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 62

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 64

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 87

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 97

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\mobile-app-security-rules.js

Line: 98

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 19

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 20

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 71

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 71

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 71

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 71

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 19

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 30

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 40

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 50

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 60

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 61

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 71

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 72

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 82

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 83

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 93

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 94

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 104

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 105

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 19

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 30

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 40

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 50

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 60

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 61

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 71

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 72

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 82

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 83

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 93

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 94

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 104

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 105

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\memory-leak-rules.js

Line: 24

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 89

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 91

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 92

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 49

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 50

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 51

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 92

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 100

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 102

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 103

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 13

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 19

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 92

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 100

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 102

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 103

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 13

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 19

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 13

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 19

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 49

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 50

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 51

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 49

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 50

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\input-rules.js

Line: 51

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 38

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 22

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 26

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 61

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 9

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 11

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 12

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

GraphQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 25

Description: Potential GraphQL injection

Recommendation: Use parameterized queries and validate input types. Avoid string interpolation in queries.

CSV Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 87

Description: Potential CSV injection

Recommendation: Sanitize CSV output. Avoid user input in CSV headers or cells.

XML Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 99

Description: Potential XML injection

Recommendation: Use XML parsers with proper validation. Avoid string concatenation when building XML.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 142

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 51

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 137

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 140

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 143

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 22

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 26

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 61

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 22

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 26

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\injection-rules.js

Line: 61

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 33

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 39

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 43

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 44

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 47

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

CSP Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 49

Description: Potential Content Security Policy header manipulation

Recommendation: Fix Content Security Policy to prevent client input from affecting CSP headers.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 59

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 63

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 64

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 66

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 67

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 73

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 74

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 76

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 77

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 83

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 84

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 86

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 87

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 93

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 94

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 96

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

Security Header Override - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 97

Description: Potential security header override by user input

Recommendation: Ensure security headers are not overridden by user input. Use server-side fixed header values.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 19

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 29

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 39

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 49

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 59

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 69

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 79

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 89

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 99

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 109

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Cache Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 33

Description: Potential API cache security issue

Recommendation: Implement proper cache control for API responses. Avoid caching sensitive data.

API Cache Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 39

Description: Potential API cache security issue

Recommendation: Implement proper cache control for API responses. Avoid caching sensitive data.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 19

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\http-header-rules.js

Line: 29

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 22

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 43

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 44

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 1

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 3

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 93

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 21

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 22

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 43

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 44

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Insecure File Upload - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 32

Description: Potential insecure file upload

Recommendation: Validate file type, size, and content. Store uploads outside web root.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 22

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 43

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\file-system-rules.js

Line: 44

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 74

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 43

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 44

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 43

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 44

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 43

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 44

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 22

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 33

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 44

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 55

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 59

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 60

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 62

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 63

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 66

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 74

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 77

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\encryption-rules.js

Line: 81

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 85

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 21

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 22

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 65

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 66

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 43

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

DOM Reference Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 10

Description: Potential memory leak from DOM references

Recommendation: Remove DOM references when elements are no longer needed.

SVG XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 20

Description: Potential XSS via SVG content

Recommendation: Sanitize SVG content before rendering. Avoid using user-provided SVG directly.

CSS Expression XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 29

Description: Potential XSS via CSS expression()

Recommendation: Avoid using CSS expression() function. Use modern CSS instead.

CSS Expression XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 30

Description: Potential XSS via CSS expression()

Recommendation: Avoid using CSS expression() function. Use modern CSS instead.

DOM-based XSS (Location Hash) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 85

Description: Potential DOM-based XSS via location hash

Recommendation: Avoid using location.hash directly without sanitization.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 10

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 10

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 10

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 22

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 33

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 44

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 55

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 66

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 77

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 87

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 97

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 21

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 22

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 33

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 43

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 44

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 54

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dom-security-rules.js

Line: 55

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 7

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 20

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 86

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 7

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 14

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 15

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 17

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 18

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 20

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 7

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 14

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 15

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 17

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 18

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 20

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 20

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 7

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 14

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 15

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 17

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 18

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\devops-security-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 53

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 54

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 56

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 57

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 59

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 53

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 54

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 56

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 57

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 59

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 53

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 54

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 56

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 57

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 59

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 193

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 194

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 196

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 197

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 199

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 193

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 194

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 196

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 197

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 199

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 193

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\dependency-rules.js

Line: 194

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 64

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 65

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 67

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 70

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 64

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 65

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 67

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 70

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 64

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 65

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 67

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 70

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 3

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 4

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 6

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 7

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 17

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 23

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 27

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 43

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 44

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 46

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 47

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 49

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 50

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 54

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 55

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 57

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 58

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 60

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 64

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 65

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 67

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 68

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 70

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 3

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 4

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 6

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\csrf-rules.js

Line: 7

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 34

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 36

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 37

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 39

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 19

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 29

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 39

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 49

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 59

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Cache Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 34

Description: Potential API cache security issue

Recommendation: Implement proper cache control for API responses. Avoid caching sensitive data.

API Cache Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 36

Description: Potential API cache security issue

Recommendation: Implement proper cache control for API responses. Avoid caching sensitive data.

API Cache Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 37

Description: Potential API cache security issue

Recommendation: Implement proper cache control for API responses. Avoid caching sensitive data.

API Cache Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 39

Description: Potential API cache security issue

Recommendation: Implement proper cache control for API responses. Avoid caching sensitive data.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 19

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 29

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 39

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 49

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 59

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Timeout Handling - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 7

Description: Potential API timeout handling issue

Recommendation: Implement proper timeout handling for API requests to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 47

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 7

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 13

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 14

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 16

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 17

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 19

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 27

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 17

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 9

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 19

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 29

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 39

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 49

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 59

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 9

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 19

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 29

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 39

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 49

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 59

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 6

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 16

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 17

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 26

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 36

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cookie-rules.js

Line: 46

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 79

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 80

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 82

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 83

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 105

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 108

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 105

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 108

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 53

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 64

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 74

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 85

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 96

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 97

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 105

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 107

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 108

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 21

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 42

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 43

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 53

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 54

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 64

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 74

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 75

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 85

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 86

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 96

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 97

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 105

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\container-security-rules.js

Line: 107

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 29

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 32

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 51

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 40

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 51

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 84

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 87

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 40

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 40

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 42

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 40

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 40

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 53

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 64

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 87

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 97

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 98

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 108

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 109

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 21

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 40

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 42

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\compliance-security-rules.js

Line: 43

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 18

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 76

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 42

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 10

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 25

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 26

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 28

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 31

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 32

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 69

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 70

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 72

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 73

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 75

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 76

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 32

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 69

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 70

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 72

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 73

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 75

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\cloud-service-rules.js

Line: 76

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 18

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 106

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 109

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 108

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 62

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Network Rate Limiting - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 64

Description: Potential missing network rate limiting

Recommendation: Implement rate limiting for network requests to prevent DoS attacks.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 108

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 18

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 53

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 64

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 65

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 76

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 86

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 87

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 97

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 98

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 106

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 108

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 109

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 18

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 21

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 32

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 42

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 43

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 53

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 54

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 64

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 65

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 75

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 76

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\business-logic-security-rules.js

Line: 86

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 1

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 21

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 47

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 48

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 50

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 53

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 54

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 75

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 80

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 81

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 83

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 84

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 86

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 92

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Privilege Escalation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 31

Description: Potential privilege escalation vulnerability

Recommendation: Always verify user permissions before performing privileged operations.

OAuth Flow Vulnerability - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 54

Description: Potential OAuth flow vulnerability

Recommendation: Use PKCE for public clients. Validate state parameter to prevent CSRF.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 51

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 53

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 53

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 53

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 1

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 20

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 21

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 31

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 32

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 36

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 37

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 39

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 40

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 42

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 43

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 47

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 48

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 50

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 53

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\authentication-rules.js

Line: 54

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 10

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 31

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 36

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 37

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 39

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 40

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 42

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 47

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 48

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 50

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 51

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 98

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 119

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Cache Control Bypass - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 86

Description: Potential cache control header manipulation

Recommendation: Fix cache control policies to prevent client input from affecting cache control headers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 54

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 64

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 65

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 131

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 54

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 64

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 65

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\rules\modules\api-security-rules.js

Line: 131

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 789

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 794

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 795

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 799

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 803

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 807

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 814

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 815

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 816

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 818

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 821

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 823

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 826

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 828

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 831

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 833

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 839

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 841

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 848

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 850

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 860

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 128

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 129

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 269

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 328

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 572

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 325

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 326

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 327

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 328

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 342

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 343

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 344

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 345

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 359

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 360

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 361

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 362

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 376

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 377

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 378

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 379

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 393

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 394

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 395

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\reporting\advanced-report-generator.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 273

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 197

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 166

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 176

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 94

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 100

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 108

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 115

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 100

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 115

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 127

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 152

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 225

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 197

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 184

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 234

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 94

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 108

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 167

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 94

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 100

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 108

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 115

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 94

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 100

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\integration\trae-cn-integration.js

Line: 273

Description: Calling setTimeout with potentially unsafe data

Recommendation: Avoid using setTimeout with user-provided data. Consider using safer alternatives.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 57

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 17

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 58

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 77

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 86

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 99

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 108

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 119

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 123

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 81

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 77

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 86

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 99

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 108

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 119

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 123

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 32

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 47

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 48

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 49

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 55

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 128

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 145

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 5

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 38

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 39

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 44

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 45

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 47

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 52

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 187

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 32

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 47

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 10

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 93

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 159

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 182

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 10

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 93

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 159

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 182

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 28

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 49

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 69

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 89

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 111

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 127

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 136

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 144

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\task-distributor.js

Line: 57

Description: Calling setTimeout with potentially unsafe data

Recommendation: Avoid using setTimeout with user-provided data. Consider using safer alternatives.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 37

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 67

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 77

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 203

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 18

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 26

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 61

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 64

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 184

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 187

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 191

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 218

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 224

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 37

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 67

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 77

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 203

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 25

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 57

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 206

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 25

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 57

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 206

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Deletion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 190

Description: Potentially insecure file deletion

Recommendation: Validate file paths before deletion. Avoid deleting files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 37

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 67

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 77

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 203

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

Unsafe JSON.parse() Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 37

Description: Potentially unsafe use of JSON.parse()

Recommendation: Validate and sanitize input before parsing with JSON.parse().

Unsafe JSON.parse() Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 67

Description: Potentially unsafe use of JSON.parse()

Recommendation: Validate and sanitize input before parsing with JSON.parse().

Unsafe JSON.parse() Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 77

Description: Potentially unsafe use of JSON.parse()

Recommendation: Validate and sanitize input before parsing with JSON.parse().

Unsafe JSON.parse() Usage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 203

Description: Potentially unsafe use of JSON.parse()

Recommendation: Validate and sanitize input before parsing with JSON.parse().

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 64

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 187

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 26

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 191

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 218

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 224

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 70

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 78

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 48

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 7

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 8

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 11

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 12

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 13

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\result-aggregator.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 126

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Missing CSRF Token - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 126

Description: HTTP request missing CSRF protection token

Recommendation: Add CSRF token validation mechanism to HTTP requests. Ensure server-side CSRF token verification.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 113

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 47

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 128

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 131

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 22

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 26

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 27

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 31

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 40

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 41

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 44

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 59

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 68

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 71

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 72

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 73

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 74

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 83

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 84

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 96

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 118

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 126

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 138

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 193

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 45

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 131

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

SSRF (Server-Side Request Forgery) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 126

Description: Potential SSRF injection

Recommendation: Validate and sanitize all URL inputs. Implement network-level controls to restrict outbound requests.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 2

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 131

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 131

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Missing Network Retry - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 126

Description: Potential missing network retry mechanism

Recommendation: Implement retry logic for transient network failures to improve reliability.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 141

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 68

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Error Handling Leakage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 138

Description: Potential API error handling information leakage

Recommendation: Implement generic error messages for API responses. Log detailed errors internally only.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 22

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 27

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 40

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 41

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 44

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 45

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 71

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 72

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 73

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 74

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 84

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 96

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 48

Description: Calling .executeTasksOnWorker with potentially unsafe data

Recommendation: Avoid using .executeTasksOnWorker with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 88

Description: Calling .executeTaskOnWorker with potentially unsafe data

Recommendation: Avoid using .executeTaskOnWorker with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 126

Description: Using fetch which may have security implications

Recommendation: Review the usage of fetch and ensure proper security measures are in place.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 147

Description: Calling .executeTaskOnRemoteWorker with potentially unsafe data

Recommendation: Avoid using .executeTaskOnRemoteWorker with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\distributed\distributed-scanner.js

Line: 149

Description: Calling .executeTaskLocally with potentially unsafe data

Recommendation: Avoid using .executeTaskLocally with user-provided data. Consider using safer alternatives.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 97

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 174

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 194

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue 3 Reactive API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 128

Description: Vue 3 Reactive API usage with potential security concern

Recommendation: Review Reactive API usage to ensure proper validation of reactive data sources and avoid unintended exposure of sensitive information.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 47

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 245

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 56

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 68

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 74

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 252

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 5

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 6

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 7

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 8

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 163

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 175

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 189

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 195

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 25

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

Network DNS Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 241

Description: Potential network DNS security issue

Recommendation: Use secure DNS servers. Implement DNSSEC where possible.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 163

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 175

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 189

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 195

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 175

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 195

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 68

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 69

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 74

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 75

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 77

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 162

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 163

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 174

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 175

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 188

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 189

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 194

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 195

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 56

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 252

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 68

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 69

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 8

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 162

Description: Property hardcoded-password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 163

Description: Property hardcoded-secret appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 174

Description: Property improper-authentication appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 175

Description: Property csrf-missing-token appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 188

Description: Property hardcoded-password appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 189

Description: Property hardcoded-secret appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 194

Description: Property improper-authentication appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\core\vulnerability-detector.js

Line: 195

Description: Property csrf-missing-token appears to contain a hardcoded value

Recommendation: Move sensitive configuration to environment variables

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 8

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 72

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 142

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 143

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 87

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 17

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 87

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 87

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 62

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 68

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 69

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 72

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 73

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Insecure HTTP Method - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 74

Description: Potential insecure HTTP method usage

Recommendation: Use appropriate HTTP methods. Avoid GET for sensitive operations.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 62

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 68

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 69

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 72

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 73

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

Missing Encryption - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 74

Description: Potentially missing data encryption

Recommendation: Encrypt sensitive data at rest and in transit.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 69

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 72

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Rate Limiting Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 73

Description: Potential API rate limiting bypass vulnerability

Recommendation: Implement proper rate limiting with consistent identifiers (e.g., IP, API key) and verify implementation.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 62

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 67

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 68

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 69

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 70

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 71

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 72

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 73

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 74

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 142

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 62

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 67

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 68

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 69

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 70

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 71

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\config\default-config.js

Line: 72

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 27

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 39

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 42

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 46

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 47

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 592

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 1014

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 39

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 42

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 46

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 47

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 373

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 591

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 967

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 274

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 275

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 73

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 93

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 220

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 393

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 394

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 395

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 638

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 1060

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

State Management Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 1061

Description: State management usage with potential security concern

Recommendation: Avoid storing sensitive information in client-side state without encryption. Validate all data before committing to store.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 65

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 80

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 115

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 241

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 334

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 431

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 491

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 706

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Slot Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 542

Description: Vue slot usage with potential security concern

Recommendation: Be cautious with slot content from untrusted sources.

Vue Slot Security Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 1145

Description: Vue slot usage with potential security concern

Recommendation: Be cautious with slot content from untrusted sources.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 268

Description: Calling evalMatches.forEach with potentially unsafe data

Recommendation: Avoid using evalMatches.forEach with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\checks\security-checks.js

Line: 783

Description: Calling regex.exec with potentially unsafe data

Recommendation: Avoid using regex.exec with user-provided data. Consider using safer alternatives.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 26

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 66

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 97

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 327

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 353

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 410

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 144

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 186

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 281

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 284

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 288

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 60

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 321

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 72

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 74

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 75

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 79

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 102

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 104

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 105

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 109

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 147

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 150

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 154

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 171

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 332

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 334

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 335

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 339

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 357

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 359

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 360

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 364

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 421

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 423

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 424

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 428

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 26

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 66

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 97

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 327

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 353

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 410

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 60

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 321

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 5

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 281

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 60

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dependency-scanner.js

Line: 321

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 34

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 37

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 16

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 62

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 236

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 237

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 382

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 399

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 403

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 419

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 443

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 471

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 476

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 621

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 622

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 629

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 630

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 550

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 555

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 556

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 577

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 606

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 610

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 614

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 618

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 622

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 626

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 630

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 634

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 164

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 17

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 133

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

Request Header Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 531

Description: Potential HTTP header injection vulnerability in request headers

Recommendation: Avoid using user-provided data directly in request headers. Use whitelist validation for input.

SVG XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 37

Description: Potential XSS via SVG content

Recommendation: Sanitize SVG content before rendering. Avoid using user-provided SVG directly.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 34

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

DOM-based XSS (Event Handler) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 37

Description: Potential DOM-based XSS via event handlers

Recommendation: Avoid assigning user-controllable values to event handlers. Use addEventListener instead of inline handlers.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 538

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 187

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 189

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 190

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 191

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

NoSQL Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 192

Description: Potential NoSQL injection

Recommendation: Use parameterized queries or input validation. Avoid concatenating user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 77

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 78

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 104

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 105

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\dast-scanner.js

Line: 131

Description: Using axios.get which may have security implications

Recommendation: Review the usage of axios.get and ensure proper security measures are in place.

XSS via dangerouslySetInnerHTML - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 413

Description: Using dangerouslySetInnerHTML can lead to XSS vulnerabilities

Recommendation: Avoid using dangerouslySetInnerHTML with user-provided content. Sanitize the content before use.

DOM-based XSS (Location) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 447

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 340

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 341

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 342

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 377

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 378

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 379

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 413

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 414

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 443

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 444

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 27

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 44

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 164

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 169

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 171

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 175

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 179

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 180

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 318

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 319

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 321

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 322

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 323

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 393

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 410

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 423

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 424

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 434

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

React JSX XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 435

Description: Potential XSS vulnerability in React JSX

Recommendation: Avoid using dangerouslySetInnerHTML. Use Reacts built-in escaping for user content.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 417

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 418

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 419

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 461

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 478

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 66

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

SQL Injection via Sequelize - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 364

Description: Potential SQL injection through user input in Sequelize queries

Recommendation: Always use parameterized queries or Sequelize's built-in query builders. Never concatenate user input directly into SQL queries.

SQL Injection via Sequelize - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 365

Description: Potential SQL injection through user input in Sequelize queries

Recommendation: Always use parameterized queries or Sequelize's built-in query builders. Never concatenate user input directly into SQL queries.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 334

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 333

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 447

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Closure Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 422

Description: Potential memory leak from closures

Recommendation: Avoid creating unnecessary closures. Clean up references in closures when no longer needed.

CSS Expression XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 25

Description: Potential XSS via CSS expression()

Recommendation: Avoid using CSS expression() function. Use modern CSS instead.

CSS Expression XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 26

Description: Potential XSS via CSS expression()

Recommendation: Avoid using CSS expression() function. Use modern CSS instead.

CSS Expression XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 28

Description: Potential XSS via CSS expression()

Recommendation: Avoid using CSS expression() function. Use modern CSS instead.

CSS Expression XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 86

Description: Potential XSS via CSS expression()

Recommendation: Avoid using CSS expression() function. Use modern CSS instead.

CSS Expression XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 135

Description: Potential XSS via CSS expression()

Recommendation: Avoid using CSS expression() function. Use modern CSS instead.

CSS Expression XSS - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 195

Description: Potential XSS via CSS expression()

Recommendation: Avoid using CSS expression() function. Use modern CSS instead.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 93

Description: Calling .isDangerousFunction with potentially unsafe data

Recommendation: Avoid using .isDangerousFunction with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\src\analysis\ast-analyzer.js

Line: 347

Description: Calling dangerousFunctions.some with potentially unsafe data

Recommendation: Avoid using dangerousFunctions.some with user-provided data. Consider using safer alternatives.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 318

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 323

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 324

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 328

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 332

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 336

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 343

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 353

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 17

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 236

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 7

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 204

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 300

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 317

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 363

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 132

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 170

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 227

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 230

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 239

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 269

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 282

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 285

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 293

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 349

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 385

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 414

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 415

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 417

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 419

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 420

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 422

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 425

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 446

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 448

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 452

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 460

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 268

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 284

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 300

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 317

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 363

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 300

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 317

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 363

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 44

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

Unsafe Dynamic Import - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\index.js

Line: 45

Description: Potentially unsafe dynamic import

Recommendation: Ensure dynamic imports use statically analyzable strings or properly validate the import path.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 7

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 11

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 17

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 19

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 6

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 14

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 15

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 16

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 6

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 7

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 10

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 14

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 15

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 16

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 20

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 6

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 14

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 16

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 20

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 24

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Logic Resource Exhaustion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 15

Description: Potential resource exhaustion via business logic

Recommendation: Implement rate limiting for business operations. Set reasonable limits on resource usage. Monitor for unusual activity patterns.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 7

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 11

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 17

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 19

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 20

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 7

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 11

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 17

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 19

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 20

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 23

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 7

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 11

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 17

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 19

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\validate-package.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 29

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 78

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 95

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 29

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 66

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 88

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 5

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 14

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 31

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 36

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 41

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 45

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 51

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 53

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 57

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 58

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 60

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 68

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 90

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 92

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 93

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 94

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 95

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 96

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 97

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 98

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 78

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 95

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 16

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 28

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 31

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 25

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 94

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 25

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 20

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 50

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 57

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 25

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 94

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 45

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 83

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 20

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 22

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 34

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 65

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 66

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 82

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 83

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\run-npm-test.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 13

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 15

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 3

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 7

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 13

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 15

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 19

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 2

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 12

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 2

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 10

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 20

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 2

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 10

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 20

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Logic Resource Exhaustion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 10

Description: Potential resource exhaustion via business logic

Recommendation: Implement rate limiting for business operations. Set reasonable limits on resource usage. Monitor for unusual activity patterns.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 3

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 7

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 13

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 15

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 19

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 20

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 3

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 7

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 13

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 15

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 19

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 20

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 3

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 7

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 13

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 15

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 19

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 20

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Console Log in Production - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 3

Description: 检测生产环境中的console.log

Recommendation: 移除或使用日志库替代console.log

Console Log in Production - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 7

Description: 检测生产环境中的console.log

Recommendation: 移除或使用日志库替代console.log

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\npm-publish-test.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 392

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 404

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 405

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Circular Reference - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 41

Description: Potential circular reference causing memory leak

Recommendation: Avoid creating circular references, especially between different objects.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 335

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 336

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 129

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 327

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 382

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 390

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 416

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 174

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 239

Description: Potential command injection

Recommendation: Never execute commands with user input. Use safe APIs instead.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 133

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 150

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 169

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 174

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 204

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 208

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 298

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 315

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 356

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 357

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 358

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 359

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 360

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 365

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 366

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 367

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 368

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 377

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 403

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 421

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 570

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 129

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 352

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Command Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 174

Description: Potential command injection vulnerability

Recommendation: Never execute commands with user input. Use safe APIs instead.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 57

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 382

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 390

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 416

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 382

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 390

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 416

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 165

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Deletion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 190

Description: Potentially insecure file deletion

Recommendation: Validate file paths before deletion. Avoid deleting files based on user input.

Insecure File Deletion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 192

Description: Potentially insecure file deletion

Recommendation: Validate file paths before deletion. Avoid deleting files based on user input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 8

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 53

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 57

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 74

Description: Calling require.resolve with potentially unsafe data

Recommendation: Avoid using require.resolve with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 93

Description: Calling require.resolve with potentially unsafe data

Recommendation: Avoid using require.resolve with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 173

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 174

Description: Calling execSync with potentially unsafe data

Recommendation: Avoid using execSync with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 239

Description: Calling vulnRegex.exec with potentially unsafe data

Recommendation: Avoid using vulnRegex.exec with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 433

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-vue-security-scanner.js

Line: 473

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 27

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 99

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 123

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 147

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 63

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 101

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 27

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 99

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 123

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 147

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 43

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 53

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 79

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 89

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 114

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 133

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 136

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 164

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 168

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 173

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 10

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 43

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 47

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 50

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 53

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 59

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 79

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 83

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 86

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 89

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 95

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 108

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 111

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 114

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 120

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 130

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 133

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 136

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 142

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 158

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 161

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 164

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 168

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 171

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 173

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 184

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 9

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 35

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-test.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 20

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 113

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 180

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 210

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 46

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 73

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 74

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 181

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 34

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 182

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 20

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 113

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 180

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 183

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 210

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 219

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Circular Reference - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 62

Description: Potential circular reference causing memory leak

Recommendation: Avoid creating circular references, especially between different objects.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 11

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 149

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 152

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 153

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 158

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 163

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 167

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 189

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 194

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 197

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 235

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 236

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 237

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Missing Input Validation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 21

Description: Input binding without apparent validation

Recommendation: Add proper input validation and sanitization for all user inputs.

Missing Input Validation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 47

Description: Input binding without apparent validation

Recommendation: Add proper input validation and sanitization for all user inputs.

Missing Input Validation - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 211

Description: Input binding without apparent validation

Recommendation: Add proper input validation and sanitization for all user inputs.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 21

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 47

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 182

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 211

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Length Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 21

Description: Input without length validation

Recommendation: Add length validation for inputs to prevent excessive data submission.

Missing Input Length Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 47

Description: Input without length validation

Recommendation: Add length validation for inputs to prevent excessive data submission.

Missing Input Length Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 182

Description: Input without length validation

Recommendation: Add length validation for inputs to prevent excessive data submission.

Missing Input Length Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 211

Description: Input without length validation

Recommendation: Add length validation for inputs to prevent excessive data submission.

Missing Input Type Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 21

Description: Input without proper type validation

Recommendation: Use appropriate input types (e.g., email, number, tel) to enable browser validation.

Missing Input Type Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 47

Description: Input without proper type validation

Recommendation: Use appropriate input types (e.g., email, number, tel) to enable browser validation.

Missing Input Type Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 182

Description: Input without proper type validation

Recommendation: Use appropriate input types (e.g., email, number, tel) to enable browser validation.

Missing Input Type Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 211

Description: Input without proper type validation

Recommendation: Use appropriate input types (e.g., email, number, tel) to enable browser validation.

Unsafe eval() Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 34

Description: Potentially unsafe use of eval()

Recommendation: Avoid using eval() with user input. Use safer alternatives like Function() or JSON.parse().

Unsafe eval() Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 182

Description: Potentially unsafe use of eval()

Recommendation: Avoid using eval() with user input. Use safer alternatives like Function() or JSON.parse().

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 11

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 91

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 108

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-integration-example.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 21

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 67

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 111

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 83

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 112

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 36

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (Eval) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 113

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 21

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 67

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 111

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

DOM-based XSS (Events) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 30

Description: Potential DOM-based XSS vulnerability via event handlers

Recommendation: Avoid setting event handlers with user-controllable data. Use addEventListener with proper validation.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 44

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 45

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 46

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 47

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 62

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 101

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 102

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 106

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 107

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 117

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 119

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Missing Input Pattern Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 113

Description: Input without pattern validation

Recommendation: Add pattern validation for inputs to ensure they match expected formats.

Missing Input Length Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 113

Description: Input without length validation

Recommendation: Add length validation for inputs to prevent excessive data submission.

Missing Input Type Validation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 113

Description: Input without proper type validation

Recommendation: Use appropriate input types (e.g., email, number, tel) to enable browser validation.

Unsafe eval() Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 36

Description: Potentially unsafe use of eval()

Recommendation: Avoid using eval() with user input. Use safer alternatives like Function() or JSON.parse().

Unsafe eval() Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 113

Description: Potentially unsafe use of eval()

Recommendation: Avoid using eval() with user input. Use safer alternatives like Function() or JSON.parse().

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 8

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 17

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 44

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 45

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 46

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 47

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 49

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 51

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 53

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 55

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 56

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 58

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 62

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 101

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 102

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 106

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 107

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 109

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 117

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 119

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 122

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 127

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 7

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-demo.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

XSS via v-html - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 109

Description: Using v-html can lead to XSS vulnerabilities if not properly sanitized

Recommendation: Avoid using v-html with user-provided content. If necessary, sanitize the content using a library like DOMPurify.

Template Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 111

Description: Potentially unsafe interpolation

Recommendation: Ensure interpolated values are properly sanitized before rendering.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 61

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 109

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 47

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 83

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 88

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 103

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 134

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 148

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 154

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 157

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 172

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 183

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 249

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 254

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 263

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 181

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 138

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 47

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 54

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 76

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 83

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 88

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 90

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 92

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 98

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 103

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 117

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 118

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 119

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 120

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 122

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 128

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 134

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 143

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 148

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 154

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 157

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 159

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 165

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 172

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 183

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 185

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 190

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 191

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 212

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 213

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 214

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 215

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 8

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 9

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 10

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\mcp-cli.js

Line: 11

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 27

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 29

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 7

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 27

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 33

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 9

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 10

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 11

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 12

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 15

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 23

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 27

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 7

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 17

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 17

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 7

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 27

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 33

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 7

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 27

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 33

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 7

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 27

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 29

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 33

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Console Log in Production - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 7

Description: 检测生产环境中的console.log

Recommendation: 移除或使用日志库替代console.log

Console Log in Production - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 27

Description: 检测生产环境中的console.log

Recommendation: 移除或使用日志库替代console.log

Console Log in Production - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 29

Description: 检测生产环境中的console.log

Recommendation: 移除或使用日志库替代console.log

Console Log in Production - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 33

Description: 检测生产环境中的console.log

Recommendation: 移除或使用日志库替代console.log

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\build.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 3

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 8

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 12

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 18

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 20

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 24

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 25

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 27

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 17

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 24

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 12

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 3

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 7

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 8

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 11

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 15

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 25

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 3

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 15

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 24

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 25

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 27

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Flow Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 28

Description: Potential business flow bypass vulnerability

Recommendation: Implement server-side validation of business processes. Use state machines for complex workflows. Verify all steps in business processes.

Business Logic Resource Exhaustion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 15

Description: Potential resource exhaustion via business logic

Recommendation: Implement rate limiting for business operations. Set reasonable limits on resource usage. Monitor for unusual activity patterns.

Business Logic Resource Exhaustion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 25

Description: Potential resource exhaustion via business logic

Recommendation: Implement rate limiting for business operations. Set reasonable limits on resource usage. Monitor for unusual activity patterns.

Business Logic Concurrency Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 12

Description: Potential concurrency issue in business logic

Recommendation: Implement proper concurrency control. Use transactions for critical operations. Handle race conditions gracefully.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 3

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 8

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 12

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 18

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 20

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 24

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 25

Description: Potential business data leakage

Recommendation: Implement proper data access controls. Encrypt sensitive business data. Audit access to critical business information.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 3

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 24

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 27

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 3

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 8

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 12

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 18

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

Security Logging - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 20

Description: Missing or inadequate security logging

Recommendation: Implement comprehensive security logging. Log authentication events, access control decisions, and security-relevant operations.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\test.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 10

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 11

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 12

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 27

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 28

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 45

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 100

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 162

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 165

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 60

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 177

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 165

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 181

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 192

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 193

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 194

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 12

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 4

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 5

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 27

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 28

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 45

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 60

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 100

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 162

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 165

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 177

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 27

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 28

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 45

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 60

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 100

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 162

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 165

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 177

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 1

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 2

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\dashboard\server.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 183

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 185

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 217

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 232

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 241

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 54

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 22

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 65

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 202

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 215

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 244

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 21

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 25

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 64

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 67

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 70

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 107

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 115

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 121

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 135

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 136

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 137

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 138

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 139

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 140

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 147

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 151

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 162

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 163

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 164

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 165

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 166

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 181

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 196

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 22

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 65

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 96

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 7

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 51

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 202

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 215

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 244

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 202

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 215

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

File Inclusion - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 244

Description: Potential file inclusion vulnerability

Recommendation: Never include files based on user input without validation.

Insecure File Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 106

Description: Potentially insecure file permissions

Recommendation: Set appropriate file permissions. Avoid world-writable files.

Insecure File Reading - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 22

Description: Potentially insecure file reading

Recommendation: Validate file paths before reading. Avoid reading files based on user input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-scanner.js

Line: 7

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 17

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 89

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Vue Plugin Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 96

Description: Vue plugin usage with potential security concern

Recommendation: Review Vue plugins, especially third-party ones, for potential security vulnerabilities and ensure they are from trusted sources.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 39

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 43

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

Large Object Memory Leak - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 107

Description: Potential memory leak from large objects

Recommendation: Avoid storing large objects in memory. Use streaming or pagination for large datasets.

SSR Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 102

Description: Potential template injection in SSR

Recommendation: Avoid using user input in template strings. Use proper templating libraries.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 45

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 62

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 65

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 66

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 67

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 68

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 69

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 70

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 76

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 103

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 112

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 123

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 142

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 143

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 144

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 157

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 158

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 159

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 160

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 161

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 162

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 163

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 164

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 165

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 186

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 189

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 190

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 191

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 192

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 210

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 211

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 212

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 213

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 214

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 215

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 219

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 224

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

Template Injection - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 240

Description: Potential template injection

Recommendation: Use safe templating libraries. Avoid string interpolation with user input.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 39

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

JSON Injection - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 61

Description: Potential JSON injection

Recommendation: Validate JSON input. Avoid string concatenation when building JSON.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 3

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 4

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 3

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 4

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 5

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 6

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 8

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 92

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\bin\vue-security-distributed.js

Line: 94

Description: Calling require with potentially unsafe data

Recommendation: Avoid using require with user-provided data. Consider using safer alternatives.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 424

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 426

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 375

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 379

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 413

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 414

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 415

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 416

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 417

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 574

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 575

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 580

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 581

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 585

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 589

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 593

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 601

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 762

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 763

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 769

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 770

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 774

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 778

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 782

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 789

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 798

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Angular XSS Bypass - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 807

Description: Potential XSS vulnerability in Angular templates

Recommendation: Avoid using [innerHTML] with user content. Use Angulars built-in sanitization.

Vue Dynamic Component Usage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 164

Description: Vue dynamic component usage

Recommendation: Validate component names to prevent loading arbitrary components.

Event Listener Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 387

Description: Potential memory leak from event listeners

Recommendation: Ensure event listeners are removed when no longer needed using removeEventListener.

Interval/Timeout Without Cleanup - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 82

Description: Potential memory leak from timers without cleanup

Recommendation: Clear timers when they are no longer needed using clearInterval/clearTimeout.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 27

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 31

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 94

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 114

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 118

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 149

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 155

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 165

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 169

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 197

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 204

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 216

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 318

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 387

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 441

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 445

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 472

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 479

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 488

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

Global Variable Memory Leak - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 497

Description: Potential memory leak from global variables

Recommendation: Avoid using global variables. Use proper scoping and cleanup.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 27

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 29

Description: Accessing document property which may lead to security issues

Recommendation: Avoid accessing document directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 31

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 48

Description: Calling vscode.commands.executeCommand with potentially unsafe data

Recommendation: Avoid using vscode.commands.executeCommand with user-provided data. Consider using safer alternatives.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 82

Description: Calling setTimeout with potentially unsafe data

Recommendation: Avoid using setTimeout with user-provided data. Consider using safer alternatives.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 94

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 114

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 118

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 149

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 155

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 165

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 169

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 197

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 204

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 216

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 318

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 441

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 445

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 472

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 479

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 488

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 497

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 620

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 624

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 667

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 671

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\src\extension.ts

Line: 680

Description: Accessing window property which may lead to security issues

Recommendation: Avoid accessing window directly. Use safer alternatives or validate input.

DOM-based XSS (HTML) - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 8

Description: Potential DOM-based XSS vulnerability

Recommendation: Avoid directly using user-controllable data in DOM manipulation functions. Sanitize and validate all inputs.

Vue 3 Composition API Potential Issue - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 2

Description: Vue 3 Composition API usage with potential security concern

Recommendation: Review Composition API usage to ensure proper validation of reactive data sources.

Privilege Escalation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 81

Description: Potential privilege escalation vulnerability

Recommendation: Always verify user permissions before performing privileged operations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 81

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 83

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 85

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 27

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 27

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 47

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 5

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 12

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 18

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 21

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 27

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 30

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 37

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 44

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 56

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 83

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 89

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 91

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 51

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 56

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 58

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Identity Security - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 103

Description: Potential cloud identity and access management security issue

Recommendation: Implement least privilege principle. Rotate access keys regularly. Use temporary credentials.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 27

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 47

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Container Image Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 2

Description: Potential container image security issue

Recommendation: Use official base images. Scan images for vulnerabilities. Implement image signing and verification.

Container Running as Root - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 2

Description: Container running as root user

Recommendation: Run containers as non-root users. Use USER directive in Dockerfile.

Container Health Check - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 2

Description: Container missing health check

Recommendation: Implement health checks for containers to ensure proper monitoring.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 27

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 1

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 27

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 29

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 30

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 38

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 45

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 50

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 47

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 12

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 98

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Permissions Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 51

Description: Potential DevOps permissions management issue

Recommendation: Implement least privilege principle. Regularly review and rotate access credentials.

DevOps Permissions Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 56

Description: Potential DevOps permissions management issue

Recommendation: Implement least privilege principle. Regularly review and rotate access credentials.

DevOps Permissions Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 58

Description: Potential DevOps permissions management issue

Recommendation: Implement least privilege principle. Regularly review and rotate access credentials.

DevOps Permissions Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 81

Description: Potential DevOps permissions management issue

Recommendation: Implement least privilege principle. Regularly review and rotate access credentials.

undefined - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 8

Description: Assigning to riskyCast.innerHTML which may have security implications

Recommendation: Validate and sanitize data before assigning to riskyCast.innerHTML

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 8

Description: Accessing innerHTML property which may lead to security issues

Recommendation: Avoid accessing innerHTML directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 46

Description: Accessing prototype property which may lead to security issues

Recommendation: Avoid accessing prototype directly. Use safer alternatives or validate input.

undefined - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\tests\typescript-security-issues.ts

Line: 46

Description: Accessing constructor property which may lead to security issues

Recommendation: Avoid accessing constructor directly. Use safer alternatives or validate input.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 55

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 38

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 55

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 38

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 55

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 57

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 55

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 48

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 68

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 81

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 16

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 56

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 68

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 81

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 8

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 24

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 34

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 35

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 57

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 59

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 63

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 57

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 59

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 63

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 38

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 44

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 38

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 55

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 68

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 81

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 38

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 55

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 15

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 25

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 28

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 36

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 68

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 81

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 2

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 5

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\package.json

Line: 7

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 23

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

Vulnerable Webpack Version - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 34

Description: Webpack version has known security vulnerabilities

Recommendation: Update Webpack to version 5.0.0 or later.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 23

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 32

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 23

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 2

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 4

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 10

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 34

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 7

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 33

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 36

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 24

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 33

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 36

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 4

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 27

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 30

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 32

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 27

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 30

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 32

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 9

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 21

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 9

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 23

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 7

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 33

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 36

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 9

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 23

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 6

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 4

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 7

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 33

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 36

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 2

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 13

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 14

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 15

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 20

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\webpack-plugin-vue-security\package.json

Line: 27

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

XXE (XML External Entity) Injection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 114

Description: Potential XXE injection

Recommendation: Disable external entity processing in XML parsers. Use secure XML parsing configurations.

Supply Chain Attack Protection - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 19

Description: Potential supply chain attack vulnerability

Recommendation: Implement software composition analysis (SCA). Verify package integrity and signatures.

Transitive Dependency Vulnerability - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 131

Description: Potential transitive dependency vulnerability

Recommendation: Regularly audit transitive dependencies. Use dependency locking and security scanners.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 111

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 35

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 36

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 145

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 159

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 170

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 6

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 152

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 35

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 36

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 159

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 170

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 110

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 111

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 9

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Cloud Storage Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 114

Description: Potential cloud storage security issue

Recommendation: Secure cloud storage buckets with proper access controls. Use encryption for sensitive data.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 9

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 17

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 143

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 146

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 131

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 136

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 143

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 146

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 35

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 36

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 145

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 159

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 170

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 59

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 66

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 79

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Cloud Resource Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 84

Description: Potential cloud resource security issue

Recommendation: Monitor and secure all cloud resources. Remove unused resources. Implement resource tagging.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 6

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 152

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 40

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 41

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 45

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 46

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 94

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 99

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 104

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 116

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 121

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vue-security-scanner-vscode\package.json

Line: 126

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 23

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 23

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 40

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 23

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 2

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 4

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 10

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 26

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 7

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 25

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 29

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 24

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 25

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 29

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 4

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 35

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 38

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 40

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 35

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 38

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 40

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 9

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 21

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 9

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 23

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 7

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 25

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 29

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 9

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 23

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 6

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 4

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 7

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 25

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 29

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 2

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 13

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 14

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 15

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 20

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\vite-plugin-vue-security\package.json

Line: 31

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 9

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 9

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 7

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 13

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 11

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 13

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 9

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 9

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 7

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 13

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 9

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 6

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 7

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 13

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 2

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 14

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Permissions Management - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential DevOps permissions management issue

Recommendation: Implement least privilege principle. Regularly review and rotate access credentials.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 2

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 7

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 14

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Transaction Management Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 13

Description: Potential transaction management issue

Recommendation: Use atomic transactions for critical business operations. Implement proper error handling and rollback mechanisms.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 2

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 7

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Security Auditing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 2

Description: Missing or inadequate security auditing

Recommendation: Conduct regular security audits. Test security controls and procedures. Document audit findings and remediation plans.

Security Auditing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 7

Description: Missing or inadequate security auditing

Recommendation: Conduct regular security audits. Test security controls and procedures. Document audit findings and remediation plans.

Security Response Automation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 4

Description: Missing or inadequate security response automation

Recommendation: Implement security response automation. Automate routine security tasks. Use playbooks for consistent response.

Security Response Automation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 6

Description: Missing or inadequate security response automation

Recommendation: Implement security response automation. Automate routine security tasks. Use playbooks for consistent response.

Mobile App Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential mobile app permissions issue

Recommendation: Request only necessary permissions. Use runtime permission requests. Implement permission justification.

Mobile App Data Storage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 9

Description: Potential mobile app data storage security issue

Recommendation: Use secure storage for sensitive data. Encrypt local storage. Avoid storing sensitive data in plaintext.

Mobile App Data Storage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential mobile app data storage security issue

Recommendation: Use secure storage for sensitive data. Encrypt local storage. Avoid storing sensitive data in plaintext.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 9

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Sensitive Information Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential mobile app sensitive information leakage

Recommendation: Avoid logging sensitive information. Implement secure logging practices. Use environment variables for secrets.

Mobile App Update Mechanism - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 3

Description: Potential mobile app update mechanism issue

Recommendation: Implement secure update mechanisms. Verify update signatures. Use app store distribution channels.

WebAssembly Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\test-vue-security-scanner\package.json

Line: 10

Description: Potential WebAssembly permissions issue

Recommendation: Limit WebAssembly module permissions. Use proper origin isolation. Implement sandboxing for WebAssembly modules.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 23

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 10

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 23

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 10

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 23

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 32

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 23

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 8

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 33

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 36

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 24

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 33

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 36

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 27

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 30

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 32

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 27

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 30

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 32

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 10

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 21

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 10

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 23

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 8

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 33

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 36

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 10

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 23

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 7

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 8

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 33

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 36

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 2

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 13

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 14

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 17

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 20

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 27

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 30

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 32

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\nuxt-module-vue-security\package.json

Line: 37

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Vue Router Meta Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 33

Description: Vue Router meta field usage with potential security concern

Recommendation: Review route meta fields to ensure they do not contain sensitive information or security-related flags that could be manipulated.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 16

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Response Data Leakage - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 33

Description: Potential API response data leakage

Recommendation: Return only necessary data in API responses. Implement proper data filtering and masking.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 16

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Log Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 33

Description: Potential API log security issue

Recommendation: Implement proper log masking for sensitive data. Use secure logging practices.

API Pagination Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 49

Description: Potential API pagination security issue

Recommendation: Implement proper pagination for large datasets. Validate pagination parameters to prevent DoS attacks.

Third-Party API Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 33

Description: Potential third-party API security issue

Recommendation: Securely store third-party API keys. Implement rate limiting and error handling.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 13

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 14

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 35

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 40

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Deployment Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 13

Description: Potential deployment process security issue

Recommendation: Secure deployment pipelines. Implement environment isolation and access controls.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 34

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 35

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 40

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 5

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 7

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 12

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 13

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 14

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 43

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 47

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Source Code Integrity - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 49

Description: Potential source code integrity issue

Recommendation: Implement Git commit signing. Use branch protection and merge request reviews.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 43

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 47

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Function Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 49

Description: Potential cloud function security issue

Recommendation: Implement proper authentication and authorization for cloud functions. Validate all inputs.

Cloud Database Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 16

Description: Potential cloud database security issue

Recommendation: Secure cloud databases with proper access controls. Enable encryption at rest and in transit.

Cloud Monitoring Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 31

Description: Potential cloud monitoring security issue

Recommendation: Implement proper monitoring and logging. Set up alerts for security events.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 16

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Secret Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 33

Description: Potential cloud secret management security issue

Recommendation: Use cloud secret management services. Avoid hardcoding secrets in code or configuration.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 35

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 40

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 16

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

CI/CD Secrets Management - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 33

Description: Potential CI/CD secrets management issue

Recommendation: Use secure secrets management in CI/CD pipelines. Avoid hardcoding credentials in pipeline files.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 13

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 9

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 13

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 14

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 35

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 40

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 2

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\package.json

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Path Traversal - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 10

Description: Potential path traversal vulnerability

Recommendation: Validate and sanitize file paths. Use path.join() and avoid user input in paths.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 9

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 9

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 9

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 6

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 9

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

Code Quality and Security Scanning - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 10

Description: Missing code quality or security scanning

Recommendation: Integrate code quality tools and security scanners into CI/CD pipelines.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

DevOps Security Gates - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 7

Description: Missing security gates in DevOps pipeline

Recommendation: Implement security gates at each stage of the CI/CD pipeline. Block deployments with security issues.

Business Data Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing or inadequate business data validation

Recommendation: Implement comprehensive data validation for all business inputs. Validate data types, ranges, formats, and business rules.

Business Logic Resource Exhaustion - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Potential resource exhaustion via business logic

Recommendation: Implement rate limiting for business operations. Set reasonable limits on resource usage. Monitor for unusual activity patterns.

Transaction Management Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 9

Description: Potential transaction management issue

Recommendation: Use atomic transactions for critical business operations. Implement proper error handling and rollback mechanisms.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Business Logic Backdoor - CRITICAL SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 7

Description: Potential business logic backdoor

Recommendation: Review code for unauthorized access mechanisms. Implement code reviews and security scanning. Remove all backdoors and debugging endpoints.

Security Auditing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Missing or inadequate security auditing

Recommendation: Conduct regular security audits. Test security controls and procedures. Document audit findings and remediation plans.

Security Auditing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing or inadequate security auditing

Recommendation: Conduct regular security audits. Test security controls and procedures. Document audit findings and remediation plans.

Security Auditing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 7

Description: Missing or inadequate security auditing

Recommendation: Conduct regular security audits. Test security controls and procedures. Document audit findings and remediation plans.

Security Response Automation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing or inadequate security response automation

Recommendation: Implement security response automation. Automate routine security tasks. Use playbooks for consistent response.

Security Response Automation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 6

Description: Missing or inadequate security response automation

Recommendation: Implement security response automation. Automate routine security tasks. Use playbooks for consistent response.

Mobile App Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Potential mobile app permissions issue

Recommendation: Request only necessary permissions. Use runtime permission requests. Implement permission justification.

Mobile App Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential mobile app permissions issue

Recommendation: Request only necessary permissions. Use runtime permission requests. Implement permission justification.

Mobile App Network Communication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Potential mobile app network communication security issue

Recommendation: Use HTTPS for all network communications. Implement certificate pinning. Validate server certificates.

Mobile App Network Communication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential mobile app network communication security issue

Recommendation: Use HTTPS for all network communications. Implement certificate pinning. Validate server certificates.

Mobile App Code Obfuscation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Missing or inadequate mobile app code obfuscation

Recommendation: Implement code obfuscation for mobile apps. Use ProGuard for Android. Use App Transport Security for iOS.

Mobile App Code Obfuscation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing or inadequate mobile app code obfuscation

Recommendation: Implement code obfuscation for mobile apps. Use ProGuard for Android. Use App Transport Security for iOS.

Mobile App Certificate Pinning - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Missing or inadequate certificate pinning

Recommendation: Implement certificate pinning for mobile apps. Validate server certificates against known fingerprints.

Mobile App Certificate Pinning - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing or inadequate certificate pinning

Recommendation: Implement certificate pinning for mobile apps. Validate server certificates against known fingerprints.

Mobile App Anti-Debugging - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Missing or inadequate anti-debugging measures

Recommendation: Implement anti-debugging measures for mobile apps. Detect and respond to debugging attempts.

Mobile App Anti-Debugging - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing or inadequate anti-debugging measures

Recommendation: Implement anti-debugging measures for mobile apps. Detect and respond to debugging attempts.

Mobile App Update Mechanism - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 3

Description: Potential mobile app update mechanism issue

Recommendation: Implement secure update mechanisms. Verify update signatures. Use app store distribution channels.

Mobile App Update Mechanism - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Potential mobile app update mechanism issue

Recommendation: Implement secure update mechanisms. Verify update signatures. Use app store distribution channels.

Mobile App Update Mechanism - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential mobile app update mechanism issue

Recommendation: Implement secure update mechanisms. Verify update signatures. Use app store distribution channels.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

Mobile App Local Storage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 2

Description: Potential mobile app local storage security issue

Recommendation: Use secure local storage. Encrypt sensitive data. Implement data protection policies.

Mobile App Local Storage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential mobile app local storage security issue

Recommendation: Use secure local storage. Encrypt sensitive data. Implement data protection policies.

WebAssembly Validation - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Missing or inadequate WebAssembly validation

Recommendation: Validate all WebAssembly modules before instantiation. Use proper module signing. Implement integrity checks for WebAssembly code.

WebAssembly Integrity - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\mcp\test-npm-package\package.json

Line: 4

Description: Potential WebAssembly integrity issue

Recommendation: Implement WebAssembly module integrity checks. Use subresource integrity (SRI) for WebAssembly files. Validate module hashes before instantiation.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 6

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 8

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Build Process Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 13

Description: Potential build process security issue

Recommendation: Secure build environments. Implement build artifact signing and verification.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 8

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Dependency License Security - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 13

Description: Potential dependency license security issue

Recommendation: Verify dependency licenses for compliance. Use license scanning tools.

Missing Code Signing - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 6

Description: Potential missing code signing

Recommendation: Implement code signing for build artifacts. Verify signatures during deployment.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 8

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 13

Description: Potential cloud deployment security issue

Recommendation: Implement secure deployment practices. Use infrastructure as code with proper security controls.

Cloud Service Account Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 5

Description: Potential cloud service account security issue

Recommendation: Use service accounts with least privilege. Rotate service account keys regularly.

Cloud Service Account Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 6

Description: Potential cloud service account security issue

Recommendation: Use service accounts with least privilege. Rotate service account keys regularly.

Cloud Service Account Security - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 14

Description: Potential cloud service account security issue

Recommendation: Use service accounts with least privilege. Rotate service account keys regularly.

Container Orchestration Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 5

Description: Potential container orchestration security issue

Recommendation: Secure Kubernetes clusters. Implement RBAC. Use secrets management. Apply network policies.

Container Orchestration Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 6

Description: Potential container orchestration security issue

Recommendation: Secure Kubernetes clusters. Implement RBAC. Use secrets management. Apply network policies.

Container Orchestration Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 14

Description: Potential container orchestration security issue

Recommendation: Secure Kubernetes clusters. Implement RBAC. Use secrets management. Apply network policies.

Automated Deployment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 4

Description: Potential automated deployment security issue

Recommendation: Implement secure deployment practices. Use deployment keys with limited scope. Validate deployments.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 6

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 8

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Build Environment Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 13

Description: Potential build environment security issue

Recommendation: Secure build environments. Use isolated containers. Clean up build artifacts and credentials.

Transaction Management Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 8

Description: Potential transaction management issue

Recommendation: Use atomic transactions for critical business operations. Implement proper error handling and rollback mechanisms.

Transaction Management Issue - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 13

Description: Potential transaction management issue

Recommendation: Use atomic transactions for critical business operations. Implement proper error handling and rollback mechanisms.

Security Response Automation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 4

Description: Missing or inadequate security response automation

Recommendation: Implement security response automation. Automate routine security tasks. Use playbooks for consistent response.

Mobile App Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 2

Description: Potential mobile app permissions issue

Recommendation: Request only necessary permissions. Use runtime permission requests. Implement permission justification.

Mobile App Permissions - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 11

Description: Potential mobile app permissions issue

Recommendation: Request only necessary permissions. Use runtime permission requests. Implement permission justification.

Mobile App Network Communication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 2

Description: Potential mobile app network communication security issue

Recommendation: Use HTTPS for all network communications. Implement certificate pinning. Validate server certificates.

Mobile App Network Communication - HIGH SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 11

Description: Potential mobile app network communication security issue

Recommendation: Use HTTPS for all network communications. Implement certificate pinning. Validate server certificates.

Mobile App Code Obfuscation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 2

Description: Missing or inadequate mobile app code obfuscation

Recommendation: Implement code obfuscation for mobile apps. Use ProGuard for Android. Use App Transport Security for iOS.

Mobile App Code Obfuscation - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 11

Description: Missing or inadequate mobile app code obfuscation

Recommendation: Implement code obfuscation for mobile apps. Use ProGuard for Android. Use App Transport Security for iOS.

Mobile App Certificate Pinning - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 2

Description: Missing or inadequate certificate pinning

Recommendation: Implement certificate pinning for mobile apps. Validate server certificates against known fingerprints.

Mobile App Certificate Pinning - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 11

Description: Missing or inadequate certificate pinning

Recommendation: Implement certificate pinning for mobile apps. Validate server certificates against known fingerprints.

Mobile App Anti-Debugging - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 2

Description: Missing or inadequate anti-debugging measures

Recommendation: Implement anti-debugging measures for mobile apps. Detect and respond to debugging attempts.

Mobile App Anti-Debugging - LOW SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 11

Description: Missing or inadequate anti-debugging measures

Recommendation: Implement anti-debugging measures for mobile apps. Detect and respond to debugging attempts.

Mobile App Update Mechanism - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 3

Description: Potential mobile app update mechanism issue

Recommendation: Implement secure update mechanisms. Verify update signatures. Use app store distribution channels.

Mobile App Update Mechanism - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 2

Description: Potential mobile app update mechanism issue

Recommendation: Implement secure update mechanisms. Verify update signatures. Use app store distribution channels.

Mobile App Update Mechanism - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 11

Description: Potential mobile app update mechanism issue

Recommendation: Implement secure update mechanisms. Verify update signatures. Use app store distribution channels.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 2

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

Mobile App Third-Party Libraries - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 11

Description: Potential mobile app third-party library security issue

Recommendation: Scan third-party libraries for security vulnerabilities. Use only trusted libraries. Keep libraries updated.

Mobile App Local Storage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 2

Description: Potential mobile app local storage security issue

Recommendation: Use secure local storage. Encrypt sensitive data. Implement data protection policies.

Mobile App Local Storage - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 11

Description: Potential mobile app local storage security issue

Recommendation: Use secure local storage. Encrypt sensitive data. Implement data protection policies.

WebAssembly Performance Security - MEDIUM SEVERITY

File: E:\work\202601211205\vue-security-project\vue-security-scanner\example-vue-app\package.json

Line: 18

Description: Potential WebAssembly performance security issue

Recommendation: Implement resource limits for WebAssembly modules. Monitor WebAssembly execution time. Use proper throttling for WebAssembly operations.